keycloak-aplcache
Changes
testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/AdminController.java 59(+59 -0)
testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/SpringBootAdapterApplication.java 12(+12 -0)
testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/application.properties 12(+12 -0)
testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/admin/index.html 12(+12 -0)
testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/index.html 12(+12 -0)
testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/templates/tokens.html 11(+11 -0)
testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/test/java/org/keycloak/SpringBootAdapterApplicationTests.java 16(+16 -0)
testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringAdminPage.java 22(+22 -0)
testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringApplicationPage.java 40(+40 -0)
testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/TokenPage.java 19(+19 -0)
testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AbstractSpringBootTest.java 217(+217 -0)
Details
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/mvnw b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/mvnw
new file mode 100755
index 0000000..5bf251c
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/mvnw
@@ -0,0 +1,225 @@
+#!/bin/sh
+# ----------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+# ----------------------------------------------------------------------------
+
+# ----------------------------------------------------------------------------
+# Maven2 Start Up Batch script
+#
+# Required ENV vars:
+# ------------------
+# JAVA_HOME - location of a JDK home dir
+#
+# Optional ENV vars
+# -----------------
+# M2_HOME - location of maven2's installed home dir
+# MAVEN_OPTS - parameters passed to the Java VM when running Maven
+# e.g. to debug Maven itself, use
+# set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+# MAVEN_SKIP_RC - flag to disable loading of mavenrc files
+# ----------------------------------------------------------------------------
+
+if [ -z "$MAVEN_SKIP_RC" ] ; then
+
+ if [ -f /etc/mavenrc ] ; then
+ . /etc/mavenrc
+ fi
+
+ if [ -f "$HOME/.mavenrc" ] ; then
+ . "$HOME/.mavenrc"
+ fi
+
+fi
+
+# OS specific support. $var _must_ be set to either true or false.
+cygwin=false;
+darwin=false;
+mingw=false
+case "`uname`" in
+ CYGWIN*) cygwin=true ;;
+ MINGW*) mingw=true;;
+ Darwin*) darwin=true
+ # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
+ # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
+ if [ -z "$JAVA_HOME" ]; then
+ if [ -x "/usr/libexec/java_home" ]; then
+ export JAVA_HOME="`/usr/libexec/java_home`"
+ else
+ export JAVA_HOME="/Library/Java/Home"
+ fi
+ fi
+ ;;
+esac
+
+if [ -z "$JAVA_HOME" ] ; then
+ if [ -r /etc/gentoo-release ] ; then
+ JAVA_HOME=`java-config --jre-home`
+ fi
+fi
+
+if [ -z "$M2_HOME" ] ; then
+ ## resolve links - $0 may be a link to maven's home
+ PRG="$0"
+
+ # need this for relative symlinks
+ while [ -h "$PRG" ] ; do
+ ls=`ls -ld "$PRG"`
+ link=`expr "$ls" : '.*-> \(.*\)$'`
+ if expr "$link" : '/.*' > /dev/null; then
+ PRG="$link"
+ else
+ PRG="`dirname "$PRG"`/$link"
+ fi
+ done
+
+ saveddir=`pwd`
+
+ M2_HOME=`dirname "$PRG"`/..
+
+ # make it fully qualified
+ M2_HOME=`cd "$M2_HOME" && pwd`
+
+ cd "$saveddir"
+ # echo Using m2 at $M2_HOME
+fi
+
+# For Cygwin, ensure paths are in UNIX format before anything is touched
+if $cygwin ; then
+ [ -n "$M2_HOME" ] &&
+ M2_HOME=`cygpath --unix "$M2_HOME"`
+ [ -n "$JAVA_HOME" ] &&
+ JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
+ [ -n "$CLASSPATH" ] &&
+ CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
+fi
+
+# For Migwn, ensure paths are in UNIX format before anything is touched
+if $mingw ; then
+ [ -n "$M2_HOME" ] &&
+ M2_HOME="`(cd "$M2_HOME"; pwd)`"
+ [ -n "$JAVA_HOME" ] &&
+ JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
+ # TODO classpath?
+fi
+
+if [ -z "$JAVA_HOME" ]; then
+ javaExecutable="`which javac`"
+ if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
+ # readlink(1) is not available as standard on Solaris 10.
+ readLink=`which readlink`
+ if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
+ if $darwin ; then
+ javaHome="`dirname \"$javaExecutable\"`"
+ javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
+ else
+ javaExecutable="`readlink -f \"$javaExecutable\"`"
+ fi
+ javaHome="`dirname \"$javaExecutable\"`"
+ javaHome=`expr "$javaHome" : '\(.*\)/bin'`
+ JAVA_HOME="$javaHome"
+ export JAVA_HOME
+ fi
+ fi
+fi
+
+if [ -z "$JAVACMD" ] ; then
+ if [ -n "$JAVA_HOME" ] ; then
+ if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+ # IBM's JDK on AIX uses strange locations for the executables
+ JAVACMD="$JAVA_HOME/jre/sh/java"
+ else
+ JAVACMD="$JAVA_HOME/bin/java"
+ fi
+ else
+ JAVACMD="`which java`"
+ fi
+fi
+
+if [ ! -x "$JAVACMD" ] ; then
+ echo "Error: JAVA_HOME is not defined correctly." >&2
+ echo " We cannot execute $JAVACMD" >&2
+ exit 1
+fi
+
+if [ -z "$JAVA_HOME" ] ; then
+ echo "Warning: JAVA_HOME environment variable is not set."
+fi
+
+CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
+
+# traverses directory structure from process work directory to filesystem root
+# first directory with .mvn subdirectory is considered project base directory
+find_maven_basedir() {
+
+ if [ -z "$1" ]
+ then
+ echo "Path not specified to find_maven_basedir"
+ return 1
+ fi
+
+ basedir="$1"
+ wdir="$1"
+ while [ "$wdir" != '/' ] ; do
+ if [ -d "$wdir"/.mvn ] ; then
+ basedir=$wdir
+ break
+ fi
+ # workaround for JBEAP-8937 (on Solaris 10/Sparc)
+ if [ -d "${wdir}" ]; then
+ wdir=`cd "$wdir/.."; pwd`
+ fi
+ # end of workaround
+ done
+ echo "${basedir}"
+}
+
+# concatenates all lines of a file
+concat_lines() {
+ if [ -f "$1" ]; then
+ echo "$(tr -s '\n' ' ' < "$1")"
+ fi
+}
+
+BASE_DIR=`find_maven_basedir "$(pwd)"`
+if [ -z "$BASE_DIR" ]; then
+ exit 1;
+fi
+
+export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
+echo $MAVEN_PROJECTBASEDIR
+MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
+
+# For Cygwin, switch paths to Windows format before running java
+if $cygwin; then
+ [ -n "$M2_HOME" ] &&
+ M2_HOME=`cygpath --path --windows "$M2_HOME"`
+ [ -n "$JAVA_HOME" ] &&
+ JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
+ [ -n "$CLASSPATH" ] &&
+ CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
+ [ -n "$MAVEN_PROJECTBASEDIR" ] &&
+ MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
+fi
+
+WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
+
+exec "$JAVACMD" \
+ $MAVEN_OPTS \
+ -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
+ "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
+ ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/mvnw.cmd b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/mvnw.cmd
new file mode 100644
index 0000000..019bd74
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/mvnw.cmd
@@ -0,0 +1,143 @@
+@REM ----------------------------------------------------------------------------
+@REM Licensed to the Apache Software Foundation (ASF) under one
+@REM or more contributor license agreements. See the NOTICE file
+@REM distributed with this work for additional information
+@REM regarding copyright ownership. The ASF licenses this file
+@REM to you under the Apache License, Version 2.0 (the
+@REM "License"); you may not use this file except in compliance
+@REM with the License. You may obtain a copy of the License at
+@REM
+@REM http://www.apache.org/licenses/LICENSE-2.0
+@REM
+@REM Unless required by applicable law or agreed to in writing,
+@REM software distributed under the License is distributed on an
+@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+@REM KIND, either express or implied. See the License for the
+@REM specific language governing permissions and limitations
+@REM under the License.
+@REM ----------------------------------------------------------------------------
+
+@REM ----------------------------------------------------------------------------
+@REM Maven2 Start Up Batch script
+@REM
+@REM Required ENV vars:
+@REM JAVA_HOME - location of a JDK home dir
+@REM
+@REM Optional ENV vars
+@REM M2_HOME - location of maven2's installed home dir
+@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
+@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a key stroke before ending
+@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
+@REM e.g. to debug Maven itself, use
+@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
+@REM ----------------------------------------------------------------------------
+
+@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
+@echo off
+@REM enable echoing my setting MAVEN_BATCH_ECHO to 'on'
+@if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO%
+
+@REM set %HOME% to equivalent of $HOME
+if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
+
+@REM Execute a user defined script before this one
+if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
+@REM check for pre script, once with legacy .bat ending and once with .cmd ending
+if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat"
+if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd"
+:skipRcPre
+
+@setlocal
+
+set ERROR_CODE=0
+
+@REM To isolate internal variables from possible post scripts, we use another setlocal
+@setlocal
+
+@REM ==== START VALIDATION ====
+if not "%JAVA_HOME%" == "" goto OkJHome
+
+echo.
+echo Error: JAVA_HOME not found in your environment. >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+:OkJHome
+if exist "%JAVA_HOME%\bin\java.exe" goto init
+
+echo.
+echo Error: JAVA_HOME is set to an invalid directory. >&2
+echo JAVA_HOME = "%JAVA_HOME%" >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+@REM ==== END VALIDATION ====
+
+:init
+
+@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
+@REM Fallback to current working directory if not found.
+
+set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
+IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
+
+set EXEC_DIR=%CD%
+set WDIR=%EXEC_DIR%
+:findBaseDir
+IF EXIST "%WDIR%"\.mvn goto baseDirFound
+cd ..
+IF "%WDIR%"=="%CD%" goto baseDirNotFound
+set WDIR=%CD%
+goto findBaseDir
+
+:baseDirFound
+set MAVEN_PROJECTBASEDIR=%WDIR%
+cd "%EXEC_DIR%"
+goto endDetectBaseDir
+
+:baseDirNotFound
+set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
+cd "%EXEC_DIR%"
+
+:endDetectBaseDir
+
+IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
+
+@setlocal EnableExtensions EnableDelayedExpansion
+for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
+@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
+
+:endReadAdditionalConfig
+
+SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
+
+set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
+set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
+
+%MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
+if ERRORLEVEL 1 goto error
+goto end
+
+:error
+set ERROR_CODE=1
+
+:end
+@endlocal & set ERROR_CODE=%ERROR_CODE%
+
+if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost
+@REM check for post script, once with legacy .bat ending and once with .cmd ending
+if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat"
+if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd"
+:skipRcPost
+
+@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
+if "%MAVEN_BATCH_PAUSE%" == "on" pause
+
+if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE%
+
+exit /B %ERROR_CODE%
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/pom.xml b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/pom.xml
new file mode 100644
index 0000000..b53481b
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/pom.xml
@@ -0,0 +1,134 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <groupId>org.keycloak</groupId>
+ <artifactId>spring-boot-adapter</artifactId>
+ <version>0.0.1-SNAPSHOT</version>
+ <packaging>jar</packaging>
+
+ <name>spring-boot-adapter</name>
+ <description>Spring boot adapter test application</description>
+
+ <parent>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-parent</artifactId>
+ <version>1.5.3.RELEASE</version>
+ <relativePath/> <!-- lookup parent from repository -->
+ </parent>
+
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+ <java.version>1.8</java.version>
+
+ <keycloak.version>3.3.0.CR1-SNAPSHOT</keycloak.version>
+ </properties>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-thymeleaf</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.keycloak</groupId>
+ <artifactId>keycloak-spring-boot-adapter</artifactId>
+ <version>${keycloak.version}</version>
+ </dependency>
+
+ </dependencies>
+
+ <profiles>
+ <profile>
+ <id>spring-boot-adapter-tomcat</id>
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.keycloak</groupId>
+ <artifactId>keycloak-tomcat8-adapter</artifactId>
+ <version>${keycloak.version}</version>
+ </dependency>
+ </dependencies>
+ </profile>
+
+ <profile>
+ <id>spring-boot-adapter-jetty</id>
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-tomcat</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-jetty</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.keycloak</groupId>
+ <artifactId>keycloak-jetty94-adapter</artifactId>
+ <version>${keycloak.version}</version>
+ </dependency>
+ </dependencies>
+ </profile>
+
+ <profile>
+ <id>spring-boot-adapter-undertow</id>
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-tomcat</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-undertow</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.keycloak</groupId>
+ <artifactId>keycloak-undertow-adapter</artifactId>
+ <version>${keycloak.version}</version>
+ </dependency>
+ </dependencies>
+ </profile>
+ </profiles>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-maven-plugin</artifactId>
+ </plugin>
+ </plugins>
+ </build>
+
+
+</project>
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/AdminController.java b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/AdminController.java
new file mode 100644
index 0000000..3b9ccc4
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/AdminController.java
@@ -0,0 +1,59 @@
+package org.keycloak;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
+import org.keycloak.common.util.Time;
+import org.keycloak.jose.jws.JWSInput;
+import org.keycloak.jose.jws.JWSInputException;
+import org.keycloak.representations.RefreshToken;
+import org.keycloak.util.JsonSerialization;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.NumberUtils;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.context.request.WebRequest;
+
+@Controller
+@RequestMapping(path = "/admin")
+public class AdminController {
+
+ @RequestMapping(path = "/TokenServlet", method = RequestMethod.GET)
+ public String showTokens(WebRequest req, Model model, @RequestParam Map<String, String> attributes) throws IOException {
+ String timeOffset = attributes.get("timeOffset");
+ if (!StringUtils.isEmpty(timeOffset)) {
+ int offset;
+ try {
+ offset = Integer.parseInt(timeOffset, 10);
+ }
+ catch (NumberFormatException e) {
+ offset = 0;
+ }
+
+ Time.setOffset(offset);
+ }
+
+ RefreshableKeycloakSecurityContext ctx =
+ (RefreshableKeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName(), WebRequest.SCOPE_REQUEST);
+ String accessTokenPretty = JsonSerialization.writeValueAsPrettyString(ctx.getToken());
+ RefreshToken refreshToken;
+ try {
+ refreshToken = new JWSInput(ctx.getRefreshToken()).readJsonContent(RefreshToken.class);
+ } catch (JWSInputException e) {
+ throw new IOException(e);
+ }
+ String refreshTokenPretty = JsonSerialization.writeValueAsPrettyString(refreshToken);
+
+ model.addAttribute("accessToken", accessTokenPretty);
+ model.addAttribute("refreshToken", refreshTokenPretty);
+ model.addAttribute("accessTokenString", ctx.getTokenString());
+
+ return "tokens";
+ }
+}
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/SpringBootAdapterApplication.java b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/SpringBootAdapterApplication.java
new file mode 100644
index 0000000..3833299
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/java/org/keycloak/SpringBootAdapterApplication.java
@@ -0,0 +1,12 @@
+package org.keycloak;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class SpringBootAdapterApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(SpringBootAdapterApplication.class, args);
+ }
+}
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/application.properties b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/application.properties
new file mode 100644
index 0000000..84de1bb
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/application.properties
@@ -0,0 +1,12 @@
+server.port=8280
+
+keycloak.realm=test
+keycloak.auth-server-url=http://localhost:8180/auth
+keycloak.ssl-required=external
+keycloak.resource=spring-boot-app
+keycloak.credentials.secret=e3789ac5-bde6-4957-a7b0-612823dac101
+keycloak.realm-key=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB
+
+keycloak.security-constraints[0].authRoles[0]=admin
+keycloak.security-constraints[0].securityCollections[0].name=Admin zone
+keycloak.security-constraints[0].securityCollections[0].patterns[0]=/admin/*
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/admin/index.html b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/admin/index.html
new file mode 100644
index 0000000..acb47af
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/admin/index.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <title>springboot admin page</title>
+</head>
+<body>
+
+ <div class="test">You are now admin</div>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/index.html b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/index.html
new file mode 100644
index 0000000..5ca7303
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/static/index.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <title>springboot test page</title>
+</head>
+<body>
+
+ <div class="test">Click <a href="admin/index.html" class="adminlink">here</a> to go admin</div>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/templates/tokens.html b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/templates/tokens.html
new file mode 100644
index 0000000..09dee72
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/main/resources/templates/tokens.html
@@ -0,0 +1,11 @@
+<!DOCTYPE HTML>
+<html xmlns:th="http://www.thymeleaf.org/">
+ <head>
+ <title>Tokens from spring boot</title>
+ </head>
+ <body>
+ <span id="accessToken" th:text="${accessToken}"></span>
+ <span id="refreshToken" th:text="${refreshToken}"></span>
+ <span id="accessTokenString" th:text="${accessTokenString}"></span>
+ </body>
+</html>
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/test/java/org/keycloak/SpringBootAdapterApplicationTests.java b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/test/java/org/keycloak/SpringBootAdapterApplicationTests.java
new file mode 100644
index 0000000..8df20da
--- /dev/null
+++ b/testsuite/integration-arquillian/test-apps/spring-boot-adapter/src/test/java/org/keycloak/SpringBootAdapterApplicationTests.java
@@ -0,0 +1,16 @@
+package org.keycloak;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest
+public class SpringBootAdapterApplicationTests {
+
+ @Test
+ public void contextLoads() {
+ }
+
+}
diff --git a/testsuite/integration-arquillian/tests/other/pom.xml b/testsuite/integration-arquillian/tests/other/pom.xml
index 03f126c..f406421 100644
--- a/testsuite/integration-arquillian/tests/other/pom.xml
+++ b/testsuite/integration-arquillian/tests/other/pom.xml
@@ -39,6 +39,7 @@
<modules>
<module>adapters</module>
<module>sssd</module>
+ <module>springboot-tests</module>
</modules>
<build>
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/pom.xml b/testsuite/integration-arquillian/tests/other/springboot-tests/pom.xml
new file mode 100644
index 0000000..90a997f
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/pom.xml
@@ -0,0 +1,89 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <parent>
+ <artifactId>integration-arquillian-tests-other</artifactId>
+ <groupId>org.keycloak.testsuite</groupId>
+ <version>3.3.0.CR1-SNAPSHOT</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+
+ <artifactId>integration-arquillian-tests-springboot</artifactId>
+
+ <properties>
+ <exclude.springboot>**/springboot/**/*Test.java</exclude.springboot>
+
+ <adapter.container>tomcat</adapter.container>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.keycloak</groupId>
+ <artifactId>keycloak-test-helper</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <excludes>
+ <exclude>${exclude.springboot}</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+ <profiles>
+ <profile>
+ <id>test-springboot</id>
+ <properties>
+ <exclude.springboot>-</exclude.springboot>
+ </properties>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>com.bazaarvoice.maven.plugins</groupId>
+ <artifactId>process-exec-maven-plugin</artifactId>
+ <version>0.7</version>
+ <executions>
+ <execution>
+ <id>spring-boot-application-process</id>
+ <phase>generate-test-resources</phase>
+ <goals>
+ <goal>start</goal>
+ </goals>
+ <configuration>
+ <name>springboot</name>
+ <workingDir>../../../../test-apps/spring-boot-adapter</workingDir>
+ <arguments>
+ <argument>mvn</argument>
+ <argument>spring-boot:run</argument>
+ <argument>-Dkeycloak.version=${project.version}</argument>
+ <argument>-Pspring-boot-adapter-${adapter.container}</argument>
+ </arguments>
+ </configuration>
+ </execution>
+
+ <execution>
+ <id>kill-processes</id>
+ <phase>post-integration-test</phase>
+ <goals>
+ <goal>stop-all</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+
+
+</project>
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringAdminPage.java b/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringAdminPage.java
new file mode 100644
index 0000000..8ce5e75
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringAdminPage.java
@@ -0,0 +1,22 @@
+package org.keycloak.testsuite.springboot;
+
+import org.keycloak.testsuite.pages.AbstractPage;
+import org.openqa.selenium.WebElement;
+import org.openqa.selenium.support.FindBy;
+
+public class SpringAdminPage extends AbstractPage {
+
+ @FindBy(className = "test")
+ private WebElement testDiv;
+
+
+ @Override
+ public boolean isCurrent() {
+ return driver.getTitle().equalsIgnoreCase("springboot admin page");
+ }
+
+ @Override
+ public void open() throws Exception {
+
+ }
+}
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringApplicationPage.java b/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringApplicationPage.java
new file mode 100644
index 0000000..9442cd3
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/SpringApplicationPage.java
@@ -0,0 +1,40 @@
+package org.keycloak.testsuite.springboot;
+
+import org.keycloak.testsuite.pages.AbstractPage;
+import org.openqa.selenium.WebElement;
+import org.openqa.selenium.support.FindBy;
+
+public class SpringApplicationPage extends AbstractPage {
+
+ @FindBy(className = "test")
+ private WebElement testDiv;
+
+ @FindBy(className = "adminlink")
+ private WebElement adminLink;
+
+ private String title;
+
+ public SpringApplicationPage() {
+ super();
+
+ title = "springboot test page";
+ }
+
+ public String getTitle() {
+ return title;
+ }
+
+ @Override
+ public boolean isCurrent() {
+ return driver.getTitle().equalsIgnoreCase(title);
+ }
+
+ @Override
+ public void open() throws Exception {
+
+ }
+
+ public void goAdmin() {
+ adminLink.click();
+ }
+}
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/TokenPage.java b/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/TokenPage.java
new file mode 100644
index 0000000..7fc7961
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/src/main/java/org/keycloak/testsuite/springboot/TokenPage.java
@@ -0,0 +1,19 @@
+package org.keycloak.testsuite.springboot;
+
+import java.net.URL;
+
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.keycloak.testsuite.adapter.page.AbstractShowTokensPage;
+
+public class TokenPage extends AbstractShowTokensPage {
+
+ @Override
+ public boolean isCurrent() {
+ return driver.getTitle().equalsIgnoreCase("tokens from spring boot");
+ }
+
+ @Override
+ public URL getInjectedUrl() {
+ return null;
+ }
+}
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AbstractSpringBootTest.java b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AbstractSpringBootTest.java
new file mode 100644
index 0000000..5b15077
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AbstractSpringBootTest.java
@@ -0,0 +1,217 @@
+package org.keycloak.testsuite.springboot;
+
+import static org.keycloak.testsuite.admin.ApiUtil.assignRealmRoles;
+import static org.keycloak.testsuite.admin.ApiUtil.createUserWithAdminClient;
+import static org.keycloak.testsuite.admin.ApiUtil.resetUserPassword;
+import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
+
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import javax.ws.rs.core.UriBuilder;
+
+import org.jboss.arquillian.graphene.page.Page;
+import org.jboss.logging.Logger;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.keycloak.OAuth2Constants;
+import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.admin.client.resource.RoleResource;
+import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.representations.idm.RoleRepresentation;
+import org.keycloak.representations.idm.UserRepresentation;
+import org.keycloak.testsuite.AbstractKeycloakTest;
+import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.arquillian.SuiteContext;
+import org.keycloak.testsuite.pages.LoginPage;
+import org.keycloak.testsuite.util.WaitUtils;
+import org.keycloak.util.TokenUtil;
+import org.openqa.selenium.By;
+
+public abstract class AbstractSpringBootTest extends AbstractKeycloakTest {
+
+ protected static final String REALM_ID = "cd8ee421-5100-41ba-95dd-b27c8e5cf042";
+
+ protected static final String REALM_NAME = "test";
+
+ protected static final String CLIENT_ID = "spring-boot-app";
+ protected static final String SECRET = "e3789ac5-bde6-4957-a7b0-612823dac101";
+
+ protected static final String APPLICATION_URL = "http://localhost:8280";
+ protected static final String BASE_URL = APPLICATION_URL + "/admin";
+
+ protected static final String USER_LOGIN = "testuser";
+ protected static final String USER_EMAIL = "user@email.test";
+ protected static final String USER_PASSWORD = "user-password";
+
+ protected static final String USER_LOGIN_2 = "testuser2";
+ protected static final String USER_EMAIL_2 = "user2@email.test";
+ protected static final String USER_PASSWORD_2 = "user2-password";
+
+ protected static final String CORRECT_ROLE = "admin";
+ protected static final String INCORRECT_ROLE = "wrong-admin";
+
+ protected static final String REALM_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5" +
+ "mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi7" +
+ "9NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB";
+
+ protected static final String REALM_PRIVATE_KEY = "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3Bj" +
+ "LGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vj" +
+ "O2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jY" +
+ "lQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn" +
+ "9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEK" +
+ "Xalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2w" +
+ "Vl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJ" +
+ "AY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZ" +
+ "N39fOYAlo+nTixgeW7X8Y=";
+
+ @Page
+ protected LoginPage loginPage;
+
+ @Page
+ protected SpringApplicationPage applicationPage;
+
+ @Page
+ protected SpringAdminPage adminPage;
+
+ @Page
+ protected TokenPage tokenPage;
+
+ @Override
+ public void addTestRealms(List<RealmRepresentation> testRealms) {
+ RealmRepresentation realm = new RealmRepresentation();
+
+ realm.setId(REALM_ID);
+ realm.setRealm(REALM_NAME);
+ realm.setEnabled(true);
+
+ realm.setPublicKey(REALM_PUBLIC_KEY);
+ realm.setPrivateKey(REALM_PRIVATE_KEY);
+
+ realm.setClients(Collections.singletonList(createClient()));
+
+ List<String> eventListeners = new ArrayList<>();
+ eventListeners.add("jboss-logging");
+ eventListeners.add("event-queue");
+ realm.setEventsListeners(eventListeners);
+
+ testRealms.add(realm);
+ }
+
+ private ClientRepresentation createClient() {
+ ClientRepresentation clientRepresentation = new ClientRepresentation();
+
+ clientRepresentation.setId(CLIENT_ID);
+ clientRepresentation.setSecret(SECRET);
+
+ clientRepresentation.setBaseUrl(BASE_URL);
+ clientRepresentation.setRedirectUris(Collections.singletonList(BASE_URL + "/*"));
+ clientRepresentation.setAdminUrl(BASE_URL);
+
+ return clientRepresentation;
+ }
+
+ private void addUser(String login, String email, String password, String... roles) {
+ UserRepresentation userRepresentation = new UserRepresentation();
+
+ userRepresentation.setUsername(login);
+ userRepresentation.setEmail(email);
+ userRepresentation.setEmailVerified(true);
+ userRepresentation.setEnabled(true);
+
+ RealmResource realmResource = adminClient.realm(REALM_NAME);
+ String userId = createUserWithAdminClient(realmResource, userRepresentation);
+
+ resetUserPassword(realmResource.users().get(userId), password, false);
+
+ for (String role : roles)
+ assignRealmRoles(realmResource, userId, role);
+ }
+
+ private String getAuthRoot(SuiteContext suiteContext) {
+ return suiteContext.getAuthServerInfo().getContextRoot().toString();
+ }
+
+ private String encodeUrl(String url) {
+ String result;
+ try {
+ result = URLEncoder.encode(url, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ result = url;
+ }
+
+ return result;
+ }
+
+ protected String logoutPage(String redirectUrl) {
+ return getAuthRoot(suiteContext)
+ + "/auth/realms/" + REALM_NAME
+ + "/protocol/" + "openid-connect"
+ + "/logout?redirect_uri=" + encodeUrl(redirectUrl);
+ }
+
+ protected void setAdapterAndServerTimeOffset(int timeOffset, String url) {
+ setTimeOffset(timeOffset);
+
+ String timeOffsetUri = UriBuilder.fromUri(url)
+ .queryParam("timeOffset", timeOffset)
+ .build().toString();
+
+ driver.navigate().to(timeOffsetUri);
+ WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
+ }
+
+ protected String getCorrectUserId() {
+ return adminClient.realms().realm(REALM_NAME).users().search(USER_LOGIN)
+ .get(0).getId();
+ }
+
+ @Before
+ public void createRoles() {
+ RealmResource realm = realmsResouce().realm(REALM_NAME);
+
+ RoleRepresentation correct = new RoleRepresentation(CORRECT_ROLE, CORRECT_ROLE, false);
+ realm.roles().create(correct);
+
+ RoleRepresentation incorrect = new RoleRepresentation(INCORRECT_ROLE, INCORRECT_ROLE, false);
+ realm.roles().create(incorrect);
+ }
+
+ @Before
+ public void addUsers() {
+ addUser(USER_LOGIN, USER_EMAIL, USER_PASSWORD, CORRECT_ROLE);
+ addUser(USER_LOGIN_2, USER_EMAIL_2, USER_PASSWORD_2, INCORRECT_ROLE);
+ }
+
+ @After
+ public void cleanupUsers() {
+ RealmResource providerRealm = adminClient.realm(REALM_NAME);
+ UserRepresentation userRep = ApiUtil.findUserByUsername(providerRealm, USER_LOGIN);
+ if (userRep != null) {
+ providerRealm.users().get(userRep.getId()).remove();
+ }
+
+ RealmResource childRealm = adminClient.realm(REALM_NAME);
+ userRep = ApiUtil.findUserByUsername(childRealm, USER_LOGIN_2);
+ if (userRep != null) {
+ childRealm.users().get(userRep.getId()).remove();
+ }
+ }
+
+ @After
+ public void cleanupRoles() {
+ RealmResource realm = realmsResouce().realm(REALM_NAME);
+
+ RoleResource correctRole = realm.roles().get(CORRECT_ROLE);
+ correctRole.remove();
+
+ RoleResource incorrectRole = realm.roles().get(INCORRECT_ROLE);
+ incorrectRole.remove();
+ }
+}
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/BasicSpringBootTest.java b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/BasicSpringBootTest.java
new file mode 100644
index 0000000..6aea719
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/BasicSpringBootTest.java
@@ -0,0 +1,61 @@
+package org.keycloak.testsuite.springboot;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class BasicSpringBootTest extends AbstractSpringBootTest {
+ @Test
+ public void testCorrectUser() {
+ driver.navigate().to(APPLICATION_URL + "/index.html");
+
+ Assert.assertTrue("Must be on application page", applicationPage.isCurrent());
+
+ applicationPage.goAdmin();
+
+ Assert.assertTrue("Must be on login page", loginPage.isCurrent());
+
+ loginPage.login(USER_LOGIN, USER_PASSWORD);
+
+ Assert.assertTrue("Must be on admin page", adminPage.isCurrent());
+ Assert.assertTrue("Admin page must contain correct div",
+ driver.getPageSource().contains("You are now admin"));
+
+ driver.navigate().to(logoutPage(BASE_URL));
+
+ Assert.assertTrue("Must be on login page", loginPage.isCurrent());
+
+ }
+
+ @Test
+ public void testIncorrectUser() {
+ driver.navigate().to(APPLICATION_URL + "/index.html");
+
+ Assert.assertTrue("Must be on application page", applicationPage.isCurrent());
+
+ applicationPage.goAdmin();
+
+ Assert.assertTrue("Must be on login page", loginPage.isCurrent());
+
+ loginPage.login(USER_LOGIN_2, USER_PASSWORD_2);
+
+ Assert.assertTrue("Must return 403 because of incorrect role",
+ driver.getPageSource().contains("There was an unexpected error (type=Forbidden, status=403)")
+ || driver.getPageSource().contains("\"status\":403,\"error\":\"Forbidden\""));
+ }
+
+ @Test
+ public void testIncorrectCredentials() {
+ driver.navigate().to(APPLICATION_URL + "/index.html");
+
+ Assert.assertTrue("Must be on application page", applicationPage.isCurrent());
+
+ applicationPage.goAdmin();
+
+ Assert.assertTrue("Must be on login page", loginPage.isCurrent());
+
+ loginPage.login(USER_LOGIN, USER_PASSWORD_2);
+
+ Assert.assertEquals("Error message about password",
+ "Invalid username or password.", loginPage.getError());
+ }
+}
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/OfflineTokenSpringBootTest.java b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/OfflineTokenSpringBootTest.java
new file mode 100644
index 0000000..5ac950f
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/OfflineTokenSpringBootTest.java
@@ -0,0 +1,154 @@
+package org.keycloak.testsuite.springboot;
+
+import org.jboss.arquillian.graphene.page.Page;
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.keycloak.OAuth2Constants;
+import org.keycloak.events.Details;
+import org.keycloak.events.EventType;
+import org.keycloak.services.Urls;
+import org.keycloak.testsuite.AssertEvents;
+import org.keycloak.testsuite.pages.AccountApplicationsPage;
+import org.keycloak.testsuite.pages.OAuthGrantPage;
+import org.keycloak.testsuite.util.ClientManager;
+import org.keycloak.testsuite.util.WaitUtils;
+import org.keycloak.util.TokenUtil;
+import org.openqa.selenium.By;
+
+import javax.ws.rs.core.UriBuilder;
+import java.util.List;
+
+import static org.keycloak.testsuite.util.WaitUtils.pause;
+
+public class OfflineTokenSpringBootTest extends AbstractSpringBootTest {
+ private static final String SERVLET_URI = APPLICATION_URL + "/admin/TokenServlet";
+
+ @Rule
+ public AssertEvents events = new AssertEvents(this);
+
+ @Page
+ private AccountApplicationsPage accountAppPage;
+
+ @Page
+ private OAuthGrantPage oauthGrantPage;
+
+ @Test
+ public void testTokens() {
+ String servletUri = UriBuilder.fromUri(SERVLET_URI)
+ .queryParam(OAuth2Constants.SCOPE, OAuth2Constants.OFFLINE_ACCESS)
+ .build().toString();
+ driver.navigate().to(servletUri);
+
+ Assert.assertTrue("Must be on login page", loginPage.isCurrent());
+ loginPage.login(USER_LOGIN, USER_PASSWORD);
+
+ WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
+
+ Assert.assertTrue(tokenPage.isCurrent());
+
+ Assert.assertEquals(tokenPage.getRefreshToken().getType(), TokenUtil.TOKEN_TYPE_OFFLINE);
+ Assert.assertEquals(tokenPage.getRefreshToken().getExpiration(), 0);
+
+ String accessTokenId = tokenPage.getAccessToken().getId();
+ String refreshTokenId = tokenPage.getRefreshToken().getId();
+
+ setAdapterAndServerTimeOffset(9999, SERVLET_URI);
+
+ driver.navigate().to(SERVLET_URI);
+ Assert.assertTrue("Must be on tokens page", tokenPage.isCurrent());
+ Assert.assertNotEquals(tokenPage.getRefreshToken().getId(), refreshTokenId);
+ Assert.assertNotEquals(tokenPage.getAccessToken().getId(), accessTokenId);
+
+ setAdapterAndServerTimeOffset(0, SERVLET_URI);
+
+ driver.navigate().to(logoutPage(SERVLET_URI));
+ Assert.assertTrue("Must be on login page", loginPage.isCurrent());
+ }
+
+ @Test
+ public void testRevoke() {
+ // Login to servlet first with offline token
+ String servletUri = UriBuilder.fromUri(SERVLET_URI)
+ .queryParam(OAuth2Constants.SCOPE, OAuth2Constants.OFFLINE_ACCESS)
+ .build().toString();
+ driver.navigate().to(servletUri);
+ WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
+
+ loginPage.login(USER_LOGIN, USER_PASSWORD);
+ Assert.assertTrue("Must be on token page", tokenPage.isCurrent());
+
+ Assert.assertEquals(tokenPage.getRefreshToken().getType(), TokenUtil.TOKEN_TYPE_OFFLINE);
+
+ // Assert refresh works with increased time
+ setAdapterAndServerTimeOffset(9999, SERVLET_URI);
+ driver.navigate().to(SERVLET_URI);
+ Assert.assertTrue("Must be on token page", tokenPage.isCurrent());
+ setAdapterAndServerTimeOffset(0, SERVLET_URI);
+
+ events.clear();
+
+ // Go to account service and revoke grant
+ accountAppPage.open();
+
+ List<String> additionalGrants = accountAppPage.getApplications().get(CLIENT_ID).getAdditionalGrants();
+ Assert.assertEquals(additionalGrants.size(), 1);
+ Assert.assertEquals(additionalGrants.get(0), "Offline Token");
+ accountAppPage.revokeGrant(CLIENT_ID);
+ pause(500);
+ Assert.assertEquals(accountAppPage.getApplications().get(CLIENT_ID).getAdditionalGrants().size(), 0);
+
+ events.expect(EventType.REVOKE_GRANT).realm(REALM_ID).user(getCorrectUserId())
+ .client("account").detail(Details.REVOKED_CLIENT, CLIENT_ID).assertEvent();
+
+ // Assert refresh doesn't work now (increase time one more time)
+ setAdapterAndServerTimeOffset(9999, SERVLET_URI);
+ driver.navigate().to(SERVLET_URI);
+ loginPage.assertCurrent();
+ setAdapterAndServerTimeOffset(0, SERVLET_URI);
+ }
+
+ @Test
+ public void testConsent() {
+ ClientManager.realm(adminClient.realm(REALM_NAME)).clientId(CLIENT_ID).consentRequired(true);
+
+ // Assert grant page doesn't have 'Offline Access' role when offline token is not requested
+ driver.navigate().to(SERVLET_URI);
+ loginPage.login(USER_LOGIN, USER_PASSWORD);
+ oauthGrantPage.assertCurrent();
+ WaitUtils.waitUntilElement(By.xpath("//body")).text().not().contains("Offline access");
+ oauthGrantPage.cancel();
+
+ // Assert grant page has 'Offline Access' role now
+ String servletUri = UriBuilder.fromUri(SERVLET_URI)
+ .queryParam(OAuth2Constants.SCOPE, OAuth2Constants.OFFLINE_ACCESS)
+ .build().toString();
+ driver.navigate().to(servletUri);
+ WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
+
+ loginPage.login(USER_LOGIN, USER_PASSWORD);
+ oauthGrantPage.assertCurrent();
+ WaitUtils.waitUntilElement(By.xpath("//body")).text().contains("Offline access");
+
+ oauthGrantPage.accept();
+
+ Assert.assertTrue("Must be on token page", tokenPage.isCurrent());
+ Assert.assertEquals(tokenPage.getRefreshToken().getType(), TokenUtil.TOKEN_TYPE_OFFLINE);
+
+ String accountAppPageUrl =
+ Urls.accountApplicationsPage(getAuthServerRoot(), REALM_NAME).toString();
+ driver.navigate().to(accountAppPageUrl);
+ AccountApplicationsPage.AppEntry offlineClient = accountAppPage.getApplications().get(CLIENT_ID);
+ Assert.assertTrue(offlineClient.getRolesGranted().contains("Offline access"));
+ Assert.assertTrue(offlineClient.getAdditionalGrants().contains("Offline Token"));
+
+ //This was necessary to be introduced, otherwise other testcases will fail
+ driver.navigate().to(logoutPage(SERVLET_URI));
+ loginPage.assertCurrent();
+
+ events.clear();
+
+ // Revert change
+ ClientManager.realm(adminClient.realm(REALM_NAME)).clientId(CLIENT_ID).consentRequired(false);
+ }
+}