keycloak-uncached
Changes
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AbstractAuthOptionsCmd.java 7(+5 -2)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AddRolesCmd.java 5(+3 -2)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigCredentialsCmd.java 2(+2 -0)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigTruststoreCmd.java 3(+2 -1)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/CreateCmd.java 9(+5 -4)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/DeleteCmd.java 5(+3 -2)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetCmd.java 6(+3 -3)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetRolesCmd.java 5(+3 -2)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/NewObjectCmd.java 2(+1 -1)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/RemoveRolesCmd.java 5(+3 -2)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/SetPasswordCmd.java 5(+3 -2)
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/UpdateCmd.java 5(+3 -2)
Details
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AbstractAuthOptionsCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AbstractAuthOptionsCmd.java
index 1473d7f..d8d6b56 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AbstractAuthOptionsCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AbstractAuthOptionsCmd.java
@@ -47,7 +47,7 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
@Option(name = "config", description = "Path to the config file (~/.keycloak/kcadm.config by default)")
String config;
- @Option(name = "no-config", description = "No configuration file should be used, no authentication info should be saved", hasValue = false)
+ @Option(name = "no-config", description = "Don't use config file - no authentication info is loaded or saved", hasValue = false)
boolean noconfig;
@Option(name = "server", description = "Server endpoint url (e.g. 'http://localhost:8080/auth')")
@@ -259,9 +259,12 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
String value = options[++i];
if (value != null) {
- throw new RuntimeException("Unsupported option: " + name);
+ throw new IllegalArgumentException("Unsupported option: " + name);
}
}
}
+ protected static String booleanOptionForCheck(boolean value) {
+ return value ? "true" : null;
+ }
}
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AddRolesCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AddRolesCmd.java
index 2ca6cd3..549a6c7 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AddRolesCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AddRolesCmd.java
@@ -338,11 +338,12 @@ public class AddRolesCmd extends AbstractAuthOptionsCmd {
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" --uusername User's 'username'. If more than one user exists with the same username");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigCredentialsCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigCredentialsCmd.java
index c84c52e..95fe628 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigCredentialsCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigCredentialsCmd.java
@@ -83,6 +83,8 @@ public class ConfigCredentialsCmd extends AbstractAuthOptionsCmd {
return help ? CommandResult.SUCCESS : CommandResult.FAILURE;
}
+ checkUnsupportedOptions("--no-config", booleanOptionForCheck(noconfig));
+
processGlobalOptions();
return process(commandInvocation);
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigTruststoreCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigTruststoreCmd.java
index 38f7b9f..24c0de1 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigTruststoreCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigTruststoreCmd.java
@@ -111,7 +111,8 @@ public class ConfigTruststoreCmd extends AbstractAuthOptionsCmd {
"--truststore", trustStore,
"--keystore", keystore,
"--keypass", keyPass,
- "--alias", alias);
+ "--alias", alias,
+ "--no-config", booleanOptionForCheck(noconfig));
// now update the config
processGlobalOptions();
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/CreateCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/CreateCmd.java
index 86ca3f1..49b2739 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/CreateCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/CreateCmd.java
@@ -91,19 +91,20 @@ public class CreateCmd extends AbstractRequestCmd {
out.println();
out.println("Command to create new resources on the server.");
out.println();
- out.println("Use `" + CMD + " config credentials` to establish an authenticated sessions, or use CREDENTIALS OPTIONS");
- out.println("to perform one time authentication.");
+ out.println("Use `" + CMD + " config credentials` to establish an authenticated sessions, or use --no-config with ");
+ out.println("CREDENTIALS OPTIONS to perform one time authentication.");
out.println();
out.println("Arguments:");
out.println();
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" ENDPOINT_URI URI used to compose a target resource url. Commonly used values are:");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/DeleteCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/DeleteCmd.java
index d84833d..47a26f6 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/DeleteCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/DeleteCmd.java
@@ -66,11 +66,12 @@ public class DeleteCmd extends CreateCmd {
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" ENDPOINT_URI URI used to compose a target resource url. Commonly used values start with:");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetCmd.java
index 27005e4..3910b99 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetCmd.java
@@ -98,11 +98,12 @@ public class GetCmd extends AbstractRequestCmd {
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" ENDPOINT_URI URI used to compose a target resource url. Commonly used values are:");
@@ -116,7 +117,6 @@ public class GetCmd extends AbstractRequestCmd {
out.println(" which some endpoints recognize");
out.println();
out.println(" -H, --print-headers Print response headers");
- out.println(" -o, --output After delete output any response to standard output");
out.println(" -F, --fields FILTER A filter pattern to specify which fields of a JSON response to output");
out.println(" -c, --compressed Don't pretty print the output");
out.println(" --format FORMAT Set output format to comma-separated-values by using 'csv'. Default format is 'json'");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetRolesCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetRolesCmd.java
index 9a4fb65..23cc591 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetRolesCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetRolesCmd.java
@@ -342,11 +342,12 @@ public class GetRolesCmd extends GetCmd {
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" --uusername User's 'username'. If more than one user exists with the same username");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/NewObjectCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/NewObjectCmd.java
index 33fcdc6..6c1c03d 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/NewObjectCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/NewObjectCmd.java
@@ -167,7 +167,7 @@ public class NewObjectCmd extends AbstractGlobalOptionsCmd {
out.println();
out.println("Command to compose JSON objects from attributes, and merge changes into existing JSON documents.");
out.println();
- out.println("This is a local command that does not perform any server requests. It's functionality is fully ");
+ out.println("This is a local command that does not perform any server requests. Its functionality is fully ");
out.println("integrated into 'create', 'update' and 'delete' commands. It's supposed to be a helper tool only.");
out.println();
out.println("Arguments:");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/RemoveRolesCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/RemoveRolesCmd.java
index 5338d23..4f9c496 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/RemoveRolesCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/RemoveRolesCmd.java
@@ -338,11 +338,12 @@ public class RemoveRolesCmd extends AbstractAuthOptionsCmd {
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" --uusername User's 'username'. If more than one user exists with the same username");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/SetPasswordCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/SetPasswordCmd.java
index 805a830..c0317ad 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/SetPasswordCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/SetPasswordCmd.java
@@ -150,11 +150,12 @@ public class SetPasswordCmd extends AbstractAuthOptionsCmd {
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" --username USERNAME Identify target user by 'username'");
diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/UpdateCmd.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/UpdateCmd.java
index 6c194e9..086985b 100644
--- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/UpdateCmd.java
+++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/UpdateCmd.java
@@ -107,11 +107,12 @@ public class UpdateCmd extends AbstractRequestCmd {
out.println(" Global options:");
out.println(" -x Print full stack trace when exiting with error");
out.println(" --config Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
+ out.println(" --no-config Don't use config file - no authentication info is loaded or saved");
out.println(" --truststore PATH Path to a truststore containing trusted certificates");
out.println(" --trustpass PASSWORD Truststore password (prompted for if not specified and --truststore is used)");
out.println(" CREDENTIALS OPTIONS Same set of options as accepted by '" + CMD + " config credentials' in order to establish");
- out.println(" an authenticated sessions. This allows on-the-fly transient authentication that does");
- out.println(" not touch a config file.");
+ out.println(" an authenticated sessions. In combination with --no-config option this allows transient");
+ out.println(" (on-the-fly) authentication to be performed which leaves no tokens in config file.");
out.println();
out.println(" Command specific options:");
out.println(" ENDPOINT_URI URI used to compose a target resource url. Commonly used values start with:");
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTest.java
index 3b427f0..077e427 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTest.java
@@ -259,6 +259,18 @@ public class KcAdmTest extends AbstractAdmCliTest {
}
@Test
+ public void testCredentialsWithNoConfig() {
+ /*
+ * Test with --no-config specified which is not supported
+ */
+ KcAdmExec exe = KcAdmExec.execute("config credentials --no-config --server " + serverUrl + " --realm master --user admin --password admin");
+
+ assertExitCodeAndStreamSizes(exe, 1, 0, 2);
+ Assert.assertEquals("stderr first line", "Unsupported option: --no-config", exe.stderrLines().get(0));
+ Assert.assertEquals("try help", "Try '" + CMD + " help config credentials' for more information", exe.stderrLines().get(1));
+ }
+
+ @Test
public void testUserLoginWithDefaultConfig() {
/*
* Test most basic user login, using the default admin-cli as a client
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java
index 1346442..9ab7128 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java
@@ -4,6 +4,7 @@ import org.junit.Assert;
import org.junit.Test;
import org.keycloak.client.admin.cli.config.ConfigData;
import org.keycloak.client.admin.cli.config.FileConfigHandler;
+import org.keycloak.client.admin.cli.util.OsUtil;
import org.keycloak.testsuite.cli.KcAdmExec;
import org.keycloak.testsuite.util.TempFileResource;
@@ -23,21 +24,27 @@ public class KcAdmTruststoreTest extends AbstractAdmCliTest {
@Test
public void testTruststore() throws IOException {
+ File truststore = new File("src/test/resources/keystore/keycloak.truststore");
+
+ KcAdmExec exe = execute("config truststore --no-config '" + truststore.getAbsolutePath() + "'");
+
+ assertExitCodeAndStreamSizes(exe, 1, 0, 2);
+ Assert.assertEquals("stderr first line", "Unsupported option: --no-config", exe.stderrLines().get(0));
+ Assert.assertEquals("try help", "Try '" + OsUtil.CMD + " help config truststore' for more information", exe.stderrLines().get(1));
+
// only run this test if ssl protected keycloak server is available
if (!isAuthServerSSL()) {
System.out.println("TEST SKIPPED - This test requires HTTPS. Run with '-Pauth-server-wildfly -Dauth.server.ssl.required=true'");
return;
}
- File truststore = new File("src/test/resources/keystore/keycloak.truststore");
-
FileConfigHandler handler = initCustomConfigFile();
try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
if (runIntermittentlyFailingTests()) {
// configure truststore
- KcAdmExec exe = execute("config truststore --config '" + configFile.getName() + "' '" + truststore.getAbsolutePath() + "'");
+ exe = execute("config truststore --config '" + configFile.getName() + "' '" + truststore.getAbsolutePath() + "'");
assertExitCodeAndStreamSizes(exe, 0, 0, 0);
@@ -80,7 +87,7 @@ public class KcAdmTruststoreTest extends AbstractAdmCliTest {
}
// configure truststore with password
- KcAdmExec exe = execute("config truststore --trustpass secret '" + truststore.getAbsolutePath() + "'");
+ exe = execute("config truststore --trustpass secret '" + truststore.getAbsolutePath() + "'");
assertExitCodeAndStreamSizes(exe, 0, 0, 0);
// perform authentication against server - asks for password, then for truststore password