diff --git a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/SendUsernameServlet.java b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/SendUsernameServlet.java
index aa29d0c..f79d276 100755
--- a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/SendUsernameServlet.java
+++ b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/SendUsernameServlet.java
@@ -64,7 +64,7 @@ public class SendUsernameServlet {
return Response.status(Response.Status.FORBIDDEN).entity("Forbidden").build();
}
- return Response.ok(getOutput(), MediaType.TEXT_PLAIN).build();
+ return Response.ok(getOutput(), MediaType.TEXT_PLAIN_TYPE.withCharset("UTF-8")).build();
}
@POST
@@ -76,7 +76,7 @@ public class SendUsernameServlet {
throw new RuntimeException("User: " + httpServletRequest.getUserPrincipal() + " do not have required role");
}
- return Response.ok(getOutput(), MediaType.TEXT_HTML_TYPE).build();
+ return Response.ok(getOutput(), MediaType.TEXT_HTML_TYPE.withCharset("UTF-8")).build();
}
@GET
@@ -84,7 +84,7 @@ public class SendUsernameServlet {
public Response getSentPrincipal() throws IOException {
System.out.println("In SendUsername Servlet getSentPrincipal()");
- return Response.ok(getAttributes(), MediaType.TEXT_HTML_TYPE).build();
+ return Response.ok(getAttributes(), MediaType.TEXT_HTML_TYPE.withCharset("UTF-8")).build();
}
@GET
@@ -108,7 +108,7 @@ public class SendUsernameServlet {
Integer statusCode = (Integer) httpServletRequest.getAttribute("javax.servlet.error.status_code");
System.out.println("In SendUsername Servlet errorPage() status code: " + statusCode);
- return Response.ok(getErrorOutput(statusCode), MediaType.TEXT_HTML_TYPE).build();
+ return Response.ok(getErrorOutput(statusCode), MediaType.TEXT_HTML_TYPE.withCharset("UTF-8")).build();
}
@GET
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSAMLServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSAMLServletsAdapterTest.java
index 6dd3ee3..d6d52f2 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSAMLServletsAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSAMLServletsAdapterTest.java
@@ -24,6 +24,7 @@ import org.junit.Assert;
import org.junit.Test;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ProtocolMappersResource;
+import org.keycloak.admin.client.resource.RoleScopeResource;
import org.keycloak.common.util.KeyUtils;
import org.keycloak.common.util.PemUtils;
import org.keycloak.keys.Attributes;
@@ -35,6 +36,7 @@ import org.keycloak.protocol.saml.mappers.RoleListMapper;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.saml.BaseSAML2BindingBuilder;
import org.keycloak.saml.SAML2ErrorResponseBuilder;
@@ -68,6 +70,7 @@ import org.keycloak.testsuite.auth.page.login.Login;
import org.keycloak.testsuite.auth.page.login.SAMLIDPInitiatedLogin;
import org.keycloak.testsuite.page.AbstractPage;
import org.keycloak.testsuite.util.IOUtil;
+import org.keycloak.testsuite.util.UserBuilder;
import org.openqa.selenium.By;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;
@@ -94,9 +97,13 @@ import java.security.PublicKey;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
+import java.util.stream.Collectors;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+import static org.hamcrest.Matchers.*;
+import static org.junit.Assert.*;
+import static org.keycloak.representations.idm.CredentialRepresentation.PASSWORD;
+import static org.keycloak.testsuite.AbstractAuthTest.createUserRepresentation;
+import static org.keycloak.testsuite.admin.ApiUtil.createUserAndResetPasswordWithAdminClient;
import static org.keycloak.testsuite.auth.page.AuthRealm.SAMLSERVLETDEMO;
import static org.keycloak.testsuite.util.IOUtil.loadRealm;
import static org.keycloak.testsuite.util.IOUtil.loadXML;
@@ -567,6 +574,48 @@ public abstract class AbstractSAMLServletsAdapterTest extends AbstractServletsAd
}
@Test
+ // https://issues.jboss.org/browse/KEYCLOAK-3971
+ public void salesPostSigTestUnicodeCharacters() {
+ final String username = "ěščřžýáíRoàåéèíñòøöùüßÅÄÖÜ";
+ UserRepresentation user = UserBuilder
+ .edit(createUserRepresentation(username, "xyz@redhat.com", "ěščřžýáí", "RoàåéèíñòøöùüßÅÄÖÜ", true))
+ .addPassword(PASSWORD)
+ .build();
+ String userId = createUserAndResetPasswordWithAdminClient(testRealmResource(), user, PASSWORD);
+ final RoleScopeResource realmRoleRes = testRealmResource().users().get(userId).roles().realmLevel();
+ List<RoleRepresentation> availableRoles = realmRoleRes.listAvailable();
+ realmRoleRes.add(availableRoles.stream().filter(r -> r.getName().equalsIgnoreCase("manager")).collect(Collectors.toList()));
+
+ UserRepresentation storedUser = testRealmResource().users().get(userId).toRepresentation();
+
+ assertThat(storedUser, notNullValue());
+ assertThat("Database seems to be unable to store Unicode for username. Refer to KEYCLOAK-3439 and related issues.", storedUser.getUsername(), equalToIgnoringCase(username));
+
+ assertSuccessfulLogin(salesPostSigServletPage, user, testRealmSAMLPostLoginPage, "principal=" + storedUser.getUsername());
+ }
+
+ @Test
+ // https://issues.jboss.org/browse/KEYCLOAK-3971
+ public void employeeSigTestUnicodeCharacters() {
+ final String username = "ěščřžýáíRoàåéèíñòøöùüßÅÄÖÜ";
+ UserRepresentation user = UserBuilder
+ .edit(createUserRepresentation(username, "xyz@redhat.com", "ěščřžýáí", "RoàåéèíñòøöùüßÅÄÖÜ", true))
+ .addPassword(PASSWORD)
+ .build();
+ String userId = createUserAndResetPasswordWithAdminClient(testRealmResource(), user, PASSWORD);
+ final RoleScopeResource realmRoleRes = testRealmResource().users().get(userId).roles().realmLevel();
+ List<RoleRepresentation> availableRoles = realmRoleRes.listAvailable();
+ realmRoleRes.add(availableRoles.stream().filter(r -> r.getName().equalsIgnoreCase("manager")).collect(Collectors.toList()));
+
+ UserRepresentation storedUser = testRealmResource().users().get(userId).toRepresentation();
+
+ assertThat(storedUser, notNullValue());
+ assertThat("Database seems to be unable to store Unicode for username. Refer to KEYCLOAK-3439 and related issues.", storedUser.getUsername(), equalToIgnoringCase(username));
+
+ assertSuccessfulLogin(employeeSigServletPage, user, testRealmSAMLRedirectLoginPage, "principal=" + storedUser.getUsername());
+ }
+
+ @Test
public void salesPostSigEmailTest() {
testSuccessfulAndUnauthorizedLogin(salesPostSigEmailServletPage, testRealmSAMLPostLoginPage, "principal=bburke@redhat.com");
}
