diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java
index 53a3615..926d31d 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java
@@ -60,12 +60,7 @@ import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static org.junit.Assert.*;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -564,6 +559,26 @@ public class RealmTest extends AbstractAdminTest {
}
@Test
+ public void rotateRealmKeys() {
+ RealmRepresentation realmRep = realm.toRepresentation();
+ String publicKey = realmRep.getPublicKey();
+ String cert = realmRep.getCertificate();
+ assertNotNull(publicKey);
+ assertNotNull(cert);
+
+ RealmRepresentation newRealmRep = new RealmRepresentation();
+ newRealmRep.setRealm(REALM_NAME);
+ newRealmRep.setPublicKey("GENERATE");
+ realm.update(newRealmRep);
+
+ realmRep = realm.toRepresentation();
+ assertNotNull(realmRep.getPublicKey());
+ assertNotNull(realmRep.getCertificate());
+ assertNotEquals(publicKey, realmRep.getPublicKey());
+ assertNotEquals(cert, realmRep.getCertificate());
+ }
+
+ @Test
public void clearRealmCache() {
RealmRepresentation realmRep = realm.toRepresentation();
assertTrue(testingClient.testing().isCached("realms", realmRep.getId()));
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
index 7fea657..4592eea 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
@@ -36,6 +36,8 @@ import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentatio
import org.keycloak.protocol.oidc.utils.OIDCResponseType;
import org.keycloak.representations.IDToken;
import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.services.clientregistration.ClientRegistrationService;
+import org.keycloak.services.clientregistration.oidc.OIDCClientRegistrationProviderFactory;
import org.keycloak.services.resources.RealmsResource;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
@@ -79,6 +81,15 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
Assert.assertEquals(oidcConfig.getUserinfoEndpoint(), OIDCLoginProtocolService.userInfoUrl(UriBuilder.fromUri(OAuthClient.AUTH_SERVER_ROOT)).build("test").toString());
Assert.assertEquals(oidcConfig.getJwksUri(), oauth.getCertsUrl("test"));
+ String registrationUri = UriBuilder
+ .fromUri(OAuthClient.AUTH_SERVER_ROOT)
+ .path(RealmsResource.class)
+ .path(RealmsResource.class, "getClientsService")
+ .path(ClientRegistrationService.class, "provider")
+ .build("test", OIDCClientRegistrationProviderFactory.ID)
+ .toString();
+ Assert.assertEquals(oidcConfig.getRegistrationEndpoint(), registrationUri);
+
// Support standard + implicit + hybrid flow
assertContains(oidcConfig.getResponseTypesSupported(), OAuth2Constants.CODE, OIDCResponseType.ID_TOKEN, "id_token token", "code id_token", "code token", "code id_token token");
assertContains(oidcConfig.getGrantTypesSupported(), OAuth2Constants.AUTHORIZATION_CODE, OAuth2Constants.IMPLICIT);
