|
|
|
@ -42,104 +42,104 @@ public class HostnameDistTest {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
public void testSchemeAndPortFromRequestWhenNoProxySet() {
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
|
|
|
|
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
|
|
|
|
assertFrontEndUrl("https://localhost:8443", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.org:8080", "http://mykeycloak.org:8080/");
|
|
|
|
|
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/");
|
|
|
|
|
assertFrontEndUrl("https://localhost:8443", "https://mykeycloak.org:8443/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true" })
|
|
|
|
|
public void testForceHttpsSchemeAndPortWhenStrictHttpsEnabled() {
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
|
|
|
|
assertFrontEndUrl("http://localhost:8080", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org:8443/");
|
|
|
|
|
assertFrontEndUrl("http://localhost:8080", "https://mykeycloak.org:8443/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-port=8443", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-port=8443", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
public void testForceHostnamePortWhenNoProxyIsSet() {
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "http://mykeycloak.127.0.0.1.nip.io:8443/");
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.org:8080", "http://mykeycloak.org:8443/");
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.org:8443", "https://mykeycloak.org:8443/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=edge" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--proxy=edge" })
|
|
|
|
|
public void testUseDefaultPortsWhenProxyIsSet() {
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io/");
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "https://mykeycloak.127.0.0.1.nip.io/");
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org/");
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.org:8443", "https://mykeycloak.org/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=edge", "--hostname-strict-https=false" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--proxy=edge", "--hostname-strict-https=false" })
|
|
|
|
|
public void testUseDefaultPortsWhenProxyIsSetNoStrictHttps() {
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "http://mykeycloak.127.0.0.1.nip.io/");
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "https://mykeycloak.127.0.0.1.nip.io/");
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.org:8080", "http://mykeycloak.org/");
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.org:8443", "https://mykeycloak.org/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=edge", "--hostname-strict-https=true" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--proxy=edge", "--hostname-strict-https=true" })
|
|
|
|
|
public void testUseDefaultPortsAndHttpsSchemeWhenProxyIsSetAndStrictHttpsEnabled() {
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io/");
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
public void testBackEndUrlFromRequest() {
|
|
|
|
|
assertBackEndUrl("http://localhost:8080", "http://localhost:8080/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
public void testBackEndUrlSameAsFrontEndUrl() {
|
|
|
|
|
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
|
|
|
|
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-path=/auth", "--hostname-strict=true", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-path=/auth", "--hostname-strict=true", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
|
|
|
|
public void testSetHostnamePath() {
|
|
|
|
|
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/auth/");
|
|
|
|
|
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/auth/");
|
|
|
|
|
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/auth/");
|
|
|
|
|
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/auth/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--https-port=8543", "--hostname-strict-https=true", "--http-enabled=true" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--https-port=8543", "--hostname-strict-https=true", "--http-enabled=true" })
|
|
|
|
|
public void testDefaultTlsPortChangeWhenHttpPortSet() {
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io:8543/");
|
|
|
|
|
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org:8543/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-strict-https=true", "--hostname-port=8543", "--http-enabled=true" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-strict-https=true", "--hostname-port=8543", "--http-enabled=true" })
|
|
|
|
|
public void testWelcomePageAdminUrl() {
|
|
|
|
|
Assert.assertTrue(when().get("http://mykeycloak.127.0.0.1.nip.io:8080").asString().contains("http://mykeycloak.127.0.0.1.nip.io:8080/admin/"));
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443").asString().contains("https://mykeycloak.127.0.0.1.nip.io:8443/admin/"));
|
|
|
|
|
Assert.assertTrue(when().get("http://mykeycloak.org:8080").asString().contains("http://mykeycloak.org:8080/admin/"));
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.org:8443").asString().contains("https://mykeycloak.org:8443/admin/"));
|
|
|
|
|
Assert.assertTrue(when().get("http://localhost:8080").asString().contains("http://localhost:8080/admin/"));
|
|
|
|
|
Assert.assertTrue(when().get("https://localhost:8443").asString().contains("https://localhost:8443/admin/"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-admin=mykeycloakadmin.127.0.0.1.nip.io", "--http-enabled=true" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-admin=mykeycloakadmin.127.0.0.1.nip.io", "--http-enabled=true" })
|
|
|
|
|
public void testHostnameAdminSet() {
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443/admin/master/console").asString().contains("\"authUrl\": \"https://mykeycloakadmin.127.0.0.1.nip.io:8443\""));
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Sign in to your account"));
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.org:8443/admin/master/console").asString().contains("\"authUrl\": \"https://mykeycloakadmin.127.0.0.1.nip.io:8443\""));
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.org:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Sign in to your account"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true" })
|
|
|
|
|
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true" })
|
|
|
|
|
public void testInvalidRedirectUriWhenAdminNotSet() {
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Invalid parameter: redirect_uri"));
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.org:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Invalid parameter: redirect_uri"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--proxy=edge", "--hostname-url=http://mykeycloak.127.0.0.1.nip.io:1234" })
|
|
|
|
|
@Launch({ "start", "--proxy=edge", "--hostname-url=http://mykeycloak.org:1234" })
|
|
|
|
|
public void testFrontendUrl() {
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "http://mykeycloak.127.0.0.1.nip.io:1234/");
|
|
|
|
|
assertFrontEndUrl("https://mykeycloak.org:8443", "http://mykeycloak.org:1234/");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
|
@Launch({ "start", "--proxy=edge", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-admin-url=http://mykeycloakadmin.127.0.0.1.nip.io:1234" })
|
|
|
|
|
@Launch({ "start", "--proxy=edge", "--hostname=mykeycloak.org", "--hostname-admin-url=http://mykeycloakadmin.127.0.0.1.nip.io:1234" })
|
|
|
|
|
public void testAdminUrl() {
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443").asString().contains("http://mykeycloakadmin.127.0.0.1.nip.io:1234/admin/"));
|
|
|
|
|
Assert.assertTrue(when().get("https://mykeycloak.org:8443").asString().contains("http://mykeycloakadmin.127.0.0.1.nip.io:1234/admin/"));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private OIDCConfigurationRepresentation getServerMetadata(String baseUrl) {
|
|
|
|
|