From f3b84360f21e7e6e28ddfa62847a071e060bcb52 Mon Sep 17 00:00:00 2001 From: Martin Kanis Date: Thu, 29 May 2025 12:47:14 +0200 Subject: [PATCH] [Keycloak CI] - Cookies Tests - KcOidcBrokerTokenExchangeTest Closes #39950 Signed-off-by: Martin Kanis --- .../broker/KcOidcBrokerTokenExchangeTest.java | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTokenExchangeTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTokenExchangeTest.java index 978dbbc88172..dff40f8394ab 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTokenExchangeTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTokenExchangeTest.java @@ -97,9 +97,7 @@ public void testExternalInternalTokenExchange() throws Exception { @Test public void testExternalInternalTokenExchangeUsingIssuer() throws Exception { - RealmResource consumerRealm = realmsResouce().realm(bc.consumerRealmName()); - IdentityProviderRepresentation broker = consumerRealm.identityProviders().get(bc.getIDPAlias()).toRepresentation(); - assertExternalToInternalExchange(broker.getConfig().get(OIDCIdentityProviderConfigRep.ISSUER), true, false); + assertExternalToInternalExchange(bc.getIDPAlias(), true, false); } @Test @@ -135,6 +133,9 @@ private void assertExternalToInternalExchange(String subjectIssuer, boolean idTo if (!representation.getConfig().get("issuer").startsWith(ServerURLs.getAuthServerContextRoot())) { representation.getConfig().put("issuer", ServerURLs.getAuthServerContextRoot() + "/auth/realms/provider"); } + if (userInfo) { + representation.getConfig().put("userInfoUrl", ServerURLs.getAuthServerContextRoot() + "/auth/realms/provider/protocol/openid-connect/userinfo"); + } identityProviderResource.update(representation); identityProviderResource.addMapper(hardCodedSessionNoteMapper).close(); @@ -325,6 +326,10 @@ public void testIgnoredTokenTypesValidationWhenExplicitlyConfigured() throws Exc IdentityProviderRepresentation idpRep = identityProviderResource.toRepresentation(); idpRep.getConfig().put("disableUserInfo", "true"); idpRep.getConfig().put("disableTypeClaimCheck", "true"); + // if auth.server.host != auth.server.host2 we need to update the issuer in the IDP config + if (!idpRep.getConfig().get("issuer").startsWith(ServerURLs.getAuthServerContextRoot())) { + idpRep.getConfig().put("issuer", ServerURLs.getAuthServerContextRoot() + "/auth/realms/provider"); + } identityProviderResource.update(idpRep); getCleanup().addCleanup(() -> { idpRep.getConfig().put("disableUserInfo", "false"); @@ -343,7 +348,7 @@ public void testIgnoredTokenTypesValidationWhenExplicitlyConfigured() throws Exc Client httpClient = AdminClientUtil.createResteasyClient(); try { - WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT) + WebTarget exchangeUrl = httpClient.target(ServerURLs.getAuthServerContextRoot() + "/auth") .path("/realms") .path(bc.consumerRealmName()) .path("protocol/openid-connect/token");