Ability to run tests from within Keycloak server added
by Stian Thorgersen
I've added the option to run pieces of a test from within the Keycloak
server. This is useful when you need some details that is only internally
available or if you need to execute something on the server.
It's pretty simply all you need is to add an Arquillian deployment. This is
required to add classes for the code you want to run.
An example is added to:
https://github.com/keycloak/keycloak/blob/master/testsuite/integration-ar...
You can run stuff on the server, fetch stuff from the server and even do
assertions on the server which is sent back to the client side.
Finally there's some helpers in:
https://github.com/keycloak/keycloak/blob/master/testsuite/integration-ar...
These makes it easy to fetch internal realm and component settings. We can
add more here as needed. Take a look at RealmTest for an example on how to
use these.
Finally it's pretty nice to use remote WildFly container when writing tests
like these. To do that:
* Build including dist (mvn clean install -Pdistribution)
* Run
"testsuite/integration-arquillian/servers/auth-server/jboss/wildfly/target/unpacked/keycloak-3.0.0.CR1-SNAPSHOT/bin/standalone.sh
-Djboss.socket.binding.port-offset=100"
* In IntelliJ select view -> Tool Windows -> Maven
* In the open window expand profiles and select auth-server-remote
Now you can run the test and it will use the remote container rather than
embedded Undertow.
7 years, 2 months
SHA1 for checking Keycloak file integrity
by Bruno Oliveira
Ahoy, for the quickstarts we have to provide a wrapper, which will be
responsible to download a specific version of Keycloak and other
tasks[1].
For this wrapper we have some scenarios:
Scenario #1: User execute the script and manage to download Keycloak
Scenario #2: User execute the script and download is interrupted. Which
means that next time the script will resume that download
Scenario #3: User already downloaded Keycloak and of course she does not
want to do it again.
For scenario 3, I was thinking about generate a SHA1[2] file for each
Keycloak distribution to check the integrity of that file, not only for
security, but for consistency. If we just check if file exists, thinking
about scenario 2 and 3, we can't tell if that file was corrupted or not.
Thoughts?
[1] - https://issues.jboss.org/browse/KEYCLOAK-4321
[2] - http://maven.apache.org/plugins/maven-install-plugin/examples/installing-...
--
abstractj
7 years, 2 months
Custom user federation after 2.5.x
by Jorge M.
Hi,
It seems that some of the internal SPI's that supported custom federation
development in previous versions are now deprecated.
I'm looking at the new examples (jpa and simple) but I'm struggling with
the registration method.
My problem is that to use a custom webservice or a jpa implementation, I
need to know the basic user information at that point in order to do the
registration on my federation (name, email, username, ...) as the schema or
WS as non nullable / mandatory fields.
Is there any way to get that managed data at that point? (In the past I
used a solution based on TxAwareLDAPUserModelDelegate)
>From the jpa example:
@Override
public UserModel addUser(RealmModel realm, String username) {
UserEntity entity = new UserEntity();
entity.setId(UUID.randomUUID().toString());
entity.setUsername(username);
*//GET first name, last name and email here!!*
em.persist(entity);
logger.info("added user: " + username);
return new UserAdapter(session, realm, model, entity);
}
Thank you.
JM
7 years, 2 months
Keycloak v3.0.0
by gambol
Hiya
Just a quick question .. I was wondering if the up coming v3.0.0 release
will come with UMA enabled for the admin console, providing fine grain
support.
Rohith
7 years, 2 months
Test coverage
by Stian Thorgersen
Now that Keycloak 2.5.1 is released we should focus 100% on test
coverage/automation before we get started on Keycloak 3.
I'd like everyone on the team to help out with reviewing test coverage and
creating JIRAs for areas that are not covered. Let's not spend to much time
on this part and I hope we can complete it be early next week.
Once we've got an understanding of what areas that needs expanding on we'll
prioritize and start working on more test coverage, while QE focus on more
test automation.
We only have ~2 weeks set aside to this so let's focus on this and not get
distracted by starting writing more code ;)
7 years, 2 months
Missing RESTful equivalents for some User Storage SPI methods?
by Tomas Kyjovsky
Hello,
It seems there are some User Storage SPI methods for which there should be some equivalents in REST API -- but there aren't.
1) Searching for users by attribute:
UserQueryProvider.searchForUserByUserAttribute(String attrName, String attrValue, RealmModel realm)
2) Credential types (not 100% sure about these though):
CredentialInputValidator.isConfiguredFor(RealmModel realm, UserModel user, String credentialType)
CredentialInputUpdater.getDisableableCredentialTypes(RealmModel realm, UserModel user)
CredentialInputUpdater.disableCredentialType(RealmModel realm, UserModel user, String credentialType)
Does it make sense to add these?
Tomas
7 years, 2 months