Details
diff --git a/testsuite/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java b/testsuite/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
index 1617767..15f1cbf 100644
--- a/testsuite/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
+++ b/testsuite/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
@@ -21,17 +21,10 @@
*/
package org.keycloak.testsuite.oauth;
-import java.security.PublicKey;
-
-import org.apache.commons.io.IOUtils;
-import org.jboss.resteasy.security.PemUtils;
-import org.json.JSONObject;
import org.junit.Assert;
-import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
-import org.keycloak.RSATokenVerifier;
import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.OAuthClient.AccessTokenResponse;
@@ -61,14 +54,6 @@ public class AccessTokenTest {
@WebResource
protected LoginPage loginPage;
- private PublicKey realmPublicKey;
-
- @Before
- public void before() throws Exception {
- JSONObject realmJson = new JSONObject(IOUtils.toString(getClass().getResourceAsStream("/testrealm.json")));
- realmPublicKey = PemUtils.decodePublicKey(realmJson.getString("publicKey"));
- }
-
@Test
public void accessTokenRequest() throws Exception {
oauth.doLogin("test-user@localhost", "password");
@@ -82,7 +67,8 @@ public class AccessTokenTest {
Assert.assertEquals("bearer", response.getTokenType());
- SkeletonKeyToken token = RSATokenVerifier.verifyToken(response.getAccessToken(), realmPublicKey, oauth.getRealm());
+ SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+
Assert.assertEquals("test-user@localhost", token.getPrincipal());
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
diff --git a/testsuite/src/test/java/org/keycloak/testsuite/OAuthClient.java b/testsuite/src/test/java/org/keycloak/testsuite/OAuthClient.java
index 42d2c32..59d178a 100644
--- a/testsuite/src/test/java/org/keycloak/testsuite/OAuthClient.java
+++ b/testsuite/src/test/java/org/keycloak/testsuite/OAuthClient.java
@@ -24,6 +24,7 @@ package org.keycloak.testsuite;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
+import java.security.PublicKey;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
@@ -40,8 +41,11 @@ import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
+import org.jboss.resteasy.security.PemUtils;
import org.json.JSONObject;
import org.junit.Assert;
+import org.keycloak.RSATokenVerifier;
+import org.keycloak.representations.SkeletonKeyToken;
import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
@@ -68,8 +72,13 @@ public class OAuthClient {
private String state;
- public OAuthClient(WebDriver driver) {
+ private PublicKey realmPublicKey;
+
+ public OAuthClient(WebDriver driver) throws Exception {
this.driver = driver;
+
+ JSONObject realmJson = new JSONObject(IOUtils.toString(getClass().getResourceAsStream("/testrealm.json")));
+ realmPublicKey = PemUtils.decodePublicKey(realmJson.getString("publicKey"));
}
public AuthorizationCodeResponse doLogin(String username, String password) {
@@ -109,6 +118,10 @@ public class OAuthClient {
return new AccessTokenResponse(client.execute(post));
}
+ public SkeletonKeyToken verifyToken(String token) throws Exception {
+ return RSATokenVerifier.verifyToken(token, realmPublicKey, realm);
+ }
+
public boolean isAuthorizationResponse() {
return getCurrentRequest().equals(redirectUri) && getCurrentQuery().containsKey("code");
}
diff --git a/testsuite/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java b/testsuite/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
index 7cb4178..f4cc01c 100755
--- a/testsuite/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
+++ b/testsuite/src/test/java/org/keycloak/testsuite/social/SocialLoginTest.java
@@ -26,12 +26,15 @@ import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
+import org.keycloak.representations.SkeletonKeyToken;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.models.RealmModel;
import org.keycloak.testsuite.DummySocialServlet;
+import org.keycloak.testsuite.OAuthClient;
+import org.keycloak.testsuite.OAuthClient.AccessTokenResponse;
import org.keycloak.testsuite.pages.AppPage;
-import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.AppPage.RequestType;
+import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.KeycloakRule.KeycloakSetup;
import org.keycloak.testsuite.rule.WebResource;
@@ -65,13 +68,16 @@ public class SocialLoginTest {
@WebResource
protected LoginPage loginPage;
+ @WebResource
+ protected OAuthClient oauth;
+
@BeforeClass
public static void before() {
keycloakRule.deployServlet("dummy-social", "/dummy-social", DummySocialServlet.class);
}
@Test
- public void loginSuccess() {
+ public void loginSuccess() throws Exception {
loginPage.open();
loginPage.clickSocial("dummy");
@@ -80,6 +86,15 @@ public class SocialLoginTest {
driver.findElement(By.id("submit")).click();
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
+
+ AccessTokenResponse response = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
+
+ SkeletonKeyToken token = oauth.verifyToken(response.getAccessToken());
+
+ Assert.assertEquals("dummy-user", token.getPrincipal());
+
+ Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
+ Assert.assertTrue(token.getRealmAccess().isUserInRole("user"));
}
}
