Details
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
index 4a2ce96..a2ec8bb 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
@@ -19,20 +19,18 @@ package org.keycloak.testsuite.adapter;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
-import org.keycloak.common.util.Encode;
-import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
import java.net.URL;
-import java.security.PublicKey;
/**
* Tests Undertow Adapter
*
* @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
+ * @author <a href="mailto:john.ament@spartasystems.com">John Ament</a>
*/
public class AdapterTest {
@@ -93,6 +91,12 @@ public class AdapterTest {
.name("input-portal").contextPath("/input-portal")
.servletClass(InputServlet.class).adapterConfigPath(url.getPath())
.role("user").constraintUrl("/secured/*").deployApplication();
+
+ url = getClass().getResource("/adapter-test/no-access-token.json");
+ createApplicationDeployment()
+ .name("no-access-token").contextPath("/no-access-token")
+ .servletClass(InputServlet.class).adapterConfigPath(url.getPath())
+ .role("user").constraintUrl("/secured/*").deployApplication();
}
};
@@ -237,4 +241,9 @@ public class AdapterTest {
testStrategy.testRestCallWithAccessTokenAsQueryParameter();
}
+
+ @Test
+ public void testCallURLWithAccessToken() throws Exception {
+ testStrategy.checkThatAccessTokenCanBeSentPublicly();
+ }
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
index bd0a144..e006820 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
@@ -67,6 +67,7 @@ import java.util.concurrent.atomic.AtomicInteger;
* Tests Undertow Adapter
*
* @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
+ * @author <a href="mailto:john.ament@spartasystems.com">John Ament</a>
*/
public class AdapterTestStrategy extends ExternalResource {
@@ -814,4 +815,13 @@ public class AdapterTestStrategy extends ExternalResource {
}
+ void checkThatAccessTokenCanBeSentPublicly() {
+ // test login to customer-portal which does a bearer request to customer-db
+ final String applicationURL = APP_SERVER_BASE_URL + "/no-access-token?access_token=invalid_token";
+ driver.navigate().to(applicationURL);
+ System.out.println("Current url: " + driver.getCurrentUrl());
+ Assert.assertEquals(applicationURL, driver.getCurrentUrl());
+ inputPage.execute("hello");
+ }
+
}
diff --git a/testsuite/integration/src/test/resources/adapter-test/no-access-token.json b/testsuite/integration/src/test/resources/adapter-test/no-access-token.json
new file mode 100644
index 0000000..9c8cb7e
--- /dev/null
+++ b/testsuite/integration/src/test/resources/adapter-test/no-access-token.json
@@ -0,0 +1,11 @@
+{
+ "realm" : "demo",
+ "resource" : "no-access-token",
+ "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
+ "auth-server-url" : "http://${my.host.name}:8081/auth",
+ "ssl-required" : "external",
+ "credentials" : {
+ "secret": "password"
+ },
+ "ignore-oauth-query-parameter": true
+}
\ No newline at end of file
