-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Implement test for OIDC filtered client (#1513)
* Implement test for OIDC filtered client Test for quarkusio/quarkus#36459 and quarkusio/quarkus#36501 * Resolve ambiguous accessTokenRequest * Add OIDC FilteredToken test to reactive
- Loading branch information
Showing
16 changed files
with
247 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
15 changes: 15 additions & 0 deletions
15
...curity/keycloak/oidcclient/extended/restclient/ping/filters/CustomTokenRequestFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.ping.filters; | ||
|
||
import io.quarkus.oidc.token.propagation.AccessTokenRequestFilter; | ||
|
||
public class CustomTokenRequestFilter extends AccessTokenRequestFilter { | ||
@Override | ||
protected String getClientName() { | ||
return "exchange-token"; | ||
} | ||
|
||
@Override | ||
protected boolean isExchangeToken() { | ||
return true; | ||
} | ||
} |
14 changes: 14 additions & 0 deletions
14
...urity/keycloak/oidcclient/extended/restclient/ping/filters/DefaultTokenRequestFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.ping.filters; | ||
|
||
import io.quarkus.oidc.token.propagation.AccessTokenRequestFilter; | ||
|
||
/** | ||
* This class is required for | ||
* {@link io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.ping.clients.TokenPropagationPongClient} | ||
* It would not be required normally, but having {@link CustomTokenRequestFilter} causes AmbiguousResolutionException when | ||
* getting a default filter. | ||
* So this class is necessary to have unambiguous filter for TokenPropagatingPongClient. | ||
* TODO: remove once issue is solved https://github.com/quarkusio/quarkus/issues/36994 | ||
*/ | ||
public class DefaultTokenRequestFilter extends AccessTokenRequestFilter { | ||
} |
22 changes: 22 additions & 0 deletions
22
.../ts/security/keycloak/oidcclient/extended/restclient/principal/FilteredTokenResource.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.principal; | ||
|
||
import jakarta.inject.Inject; | ||
import jakarta.ws.rs.GET; | ||
import jakarta.ws.rs.Path; | ||
|
||
import org.eclipse.microprofile.rest.client.inject.RestClient; | ||
|
||
import io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.principal.clients.TokenPropagationFilteredClient; | ||
|
||
@Path("/token-propagation-filter") | ||
public class FilteredTokenResource { | ||
|
||
@Inject | ||
@RestClient | ||
TokenPropagationFilteredClient tokenPropagationFilterClient; | ||
|
||
@GET | ||
public String getUserName() { | ||
return tokenPropagationFilterClient.getUserName(); | ||
} | ||
} |
22 changes: 22 additions & 0 deletions
22
...rkus/ts/security/keycloak/oidcclient/extended/restclient/principal/PrincipalResource.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.principal; | ||
|
||
import java.security.Principal; | ||
|
||
import jakarta.inject.Inject; | ||
import jakarta.ws.rs.GET; | ||
import jakarta.ws.rs.Path; | ||
|
||
import io.quarkus.security.Authenticated; | ||
|
||
@Path("/principal") | ||
@Authenticated | ||
public class PrincipalResource { | ||
|
||
@Inject | ||
Principal principal; | ||
|
||
@GET | ||
public String principalName() { | ||
return principal.getName(); | ||
} | ||
} |
20 changes: 20 additions & 0 deletions
20
...loak/oidcclient/extended/restclient/principal/clients/TokenPropagationFilteredClient.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.principal.clients; | ||
|
||
import jakarta.ws.rs.GET; | ||
import jakarta.ws.rs.Path; | ||
|
||
import org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders; | ||
import org.eclipse.microprofile.rest.client.annotation.RegisterProvider; | ||
import org.eclipse.microprofile.rest.client.inject.RegisterRestClient; | ||
|
||
import io.quarkus.ts.security.keycloak.oidcclient.extended.restclient.ping.filters.CustomTokenRequestFilter; | ||
|
||
@RegisterRestClient | ||
@RegisterClientHeaders | ||
@Path("/principal") | ||
@RegisterProvider(CustomTokenRequestFilter.class) | ||
public interface TokenPropagationFilteredClient { | ||
|
||
@GET | ||
String getUserName(); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
22 changes: 22 additions & 0 deletions
22
...quarkus/ts/security/keycloak/oidcclient/extended/restclient/TokenPropagationFilterIT.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.extended.restclient; | ||
|
||
import static io.restassured.RestAssured.given; | ||
import static org.hamcrest.CoreMatchers.containsString; | ||
|
||
import org.apache.http.HttpStatus; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import io.quarkus.test.scenarios.QuarkusScenario; | ||
|
||
@QuarkusScenario | ||
public class TokenPropagationFilterIT extends BaseOidcIT { | ||
|
||
@Test | ||
public void usernameTest() { | ||
given() | ||
.auth().oauth2(createToken()) | ||
.when().get("/token-propagation-filter") | ||
.then().statusCode(HttpStatus.SC_OK) | ||
.body(containsString(USER)); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
15 changes: 15 additions & 0 deletions
15
...security/keycloak/oidcclient/reactive/extended/ping/filters/CustomTokenRequestFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.reactive.extended.ping.filters; | ||
|
||
import io.quarkus.oidc.token.propagation.reactive.AccessTokenRequestReactiveFilter; | ||
|
||
public class CustomTokenRequestFilter extends AccessTokenRequestReactiveFilter { | ||
@Override | ||
protected String getClientName() { | ||
return "exchange-token"; | ||
} | ||
|
||
@Override | ||
protected boolean isExchangeToken() { | ||
return true; | ||
} | ||
} |
9 changes: 9 additions & 0 deletions
9
...ecurity/keycloak/oidcclient/reactive/extended/ping/filters/DefaultTokenRequestFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.reactive.extended.ping.filters; | ||
|
||
import io.quarkus.oidc.token.propagation.reactive.AccessTokenRequestReactiveFilter; | ||
|
||
/** | ||
* TODO: remove once issue is solved https://github.com/quarkusio/quarkus/issues/36994 | ||
*/ | ||
public class DefaultTokenRequestFilter extends AccessTokenRequestReactiveFilter { | ||
} |
22 changes: 22 additions & 0 deletions
22
...us/ts/security/keycloak/oidcclient/reactive/extended/principal/FilteredTokenResource.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.reactive.extended.principal; | ||
|
||
import jakarta.inject.Inject; | ||
import jakarta.ws.rs.GET; | ||
import jakarta.ws.rs.Path; | ||
|
||
import org.eclipse.microprofile.rest.client.inject.RestClient; | ||
|
||
import io.quarkus.ts.security.keycloak.oidcclient.reactive.extended.principal.clients.TokenPropagationFilteredClient; | ||
|
||
@Path("/token-propagation-filter") | ||
public class FilteredTokenResource { | ||
|
||
@Inject | ||
@RestClient | ||
TokenPropagationFilteredClient tokenPropagationFilterClient; | ||
|
||
@GET | ||
public String getUserName() { | ||
return tokenPropagationFilterClient.getUserName(); | ||
} | ||
} |
22 changes: 22 additions & 0 deletions
22
...uarkus/ts/security/keycloak/oidcclient/reactive/extended/principal/PrincipalResource.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.reactive.extended.principal; | ||
|
||
import java.security.Principal; | ||
|
||
import jakarta.inject.Inject; | ||
import jakarta.ws.rs.GET; | ||
import jakarta.ws.rs.Path; | ||
|
||
import io.quarkus.security.Authenticated; | ||
|
||
@Path("/principal") | ||
@Authenticated | ||
public class PrincipalResource { | ||
|
||
@Inject | ||
Principal principal; | ||
|
||
@GET | ||
public String principalName() { | ||
return principal.getName(); | ||
} | ||
} |
20 changes: 20 additions & 0 deletions
20
...ycloak/oidcclient/reactive/extended/principal/clients/TokenPropagationFilteredClient.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.reactive.extended.principal.clients; | ||
|
||
import jakarta.ws.rs.GET; | ||
import jakarta.ws.rs.Path; | ||
|
||
import org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders; | ||
import org.eclipse.microprofile.rest.client.annotation.RegisterProvider; | ||
import org.eclipse.microprofile.rest.client.inject.RegisterRestClient; | ||
|
||
import io.quarkus.ts.security.keycloak.oidcclient.reactive.extended.ping.filters.CustomTokenRequestFilter; | ||
|
||
@RegisterRestClient | ||
@RegisterClientHeaders | ||
@Path("/principal") | ||
@RegisterProvider(CustomTokenRequestFilter.class) | ||
public interface TokenPropagationFilteredClient { | ||
|
||
@GET | ||
String getUserName(); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
22 changes: 22 additions & 0 deletions
22
...o/quarkus/ts/security/keycloak/oidcclient/reactive/extended/TokenPropagationFilterIT.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
package io.quarkus.ts.security.keycloak.oidcclient.reactive.extended; | ||
|
||
import static io.restassured.RestAssured.given; | ||
import static org.hamcrest.CoreMatchers.containsString; | ||
|
||
import org.apache.http.HttpStatus; | ||
import org.junit.jupiter.api.Test; | ||
|
||
import io.quarkus.test.scenarios.QuarkusScenario; | ||
|
||
@QuarkusScenario | ||
public class TokenPropagationFilterIT extends BaseOidcIT { | ||
|
||
@Test | ||
public void usernameTest() { | ||
given() | ||
.auth().oauth2(createToken()) | ||
.when().get("/token-propagation-filter") | ||
.then().statusCode(HttpStatus.SC_OK) | ||
.body(containsString(USER)); | ||
} | ||
} |