Hello, I try to build automated tests for a keycloak secured REST application. I plan to use arquilian as a test platform. Do i need to have a working keycloak server to be used in the tests ? Or is it possible to embed keycloak in the temporary deployment created by arquilian?

Btw, my endpoints don't use web.xml based security rules. I instead use RSATokenVerifier.verifyToken() to manually verify the token. Thus, i suppose that being able to manually create auth tokens from my test cases (and not relying on a keycloak server) would also work.

I see. So, i'll need to have a separate working keycloak server available for testing. No workarounds. Did i got this right ? On Tue, Dec 15, 2015 at 6:00 PM, Bill Burke <bburke(a)redhat.com <mailto:bburke@redhat.com>> wrote: On 12/15/2015 10:54 AM, Orestis Tsakiridis wrote: > Hello, > > I try to build automated tests for a keycloak secured REST application. > I plan to use arquilian as a test platform. > > Do i need to have a working keycloak server to be used in the tests ? > Or is it possible to embed keycloak in the temporary deployment created > by arquilian? > That's a real good point. Not sure how we are tackling this. > Btw, my endpoints don't use web.xml based security rules. I instead use > > RSATokenVerifier.verifyToken() to manually verify the token. > > Thus, i suppose that being able to manually create auth tokens from my > test cases (and not relying on a keycloak server) would also work. > FYI, Keycloak client adapters do have a filter implementations now that you can use. -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-user

I see. So, i'll need to have a separate working keycloak server available for testing. No workarounds. Did i got this right ? On Tue, Dec 15, 2015 at 6:00 PM, Bill Burke <bburke(a)redhat.com&gt; wrote: > > > On 12/15/2015 10:54 AM, Orestis Tsakiridis wrote: > > Hello, > > > > I try to build automated tests for a keycloak secured REST application. > > I plan to use arquilian as a test platform. > > > > Do i need to have a working keycloak server to be used in the tests ? > > Or is it possible to embed keycloak in the temporary deployment created > > by arquilian? > > > > That's a real good point. Not sure how we are tackling this. > > > Btw, my endpoints don't use web.xml based security rules. I instead use > > > > RSATokenVerifier.verifyToken() to manually verify the token. > > > > Thus, i suppose that being able to manually create auth tokens from my > > test cases (and not relying on a keycloak server) would also work. > > > > FYI, Keycloak client adapters do have a filter implementations now that > you can use. > > > -- > Bill Burke > JBoss, a division of Red Hat > http://bill.burkecentral.com > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user > _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

Thanks Bob, that might be the way to go. Will definitely try it. On Tue, Dec 15, 2015 at 6:15 PM, Bob McWhirter <bmcwhirt(a)redhat.com&gt; wrote: > Let me suggest the WildFly Swarm Keycloak Server. > > We use it in testing secured Swarm apps. > > It’s an executable .jar with maven coordinates, and can be executed with > the maven-exec-plugin in your pre-integration-test phase, or you can use > the wildfly-swarm-plugin to start/stop it. > > See here for an example: > > > https://github.com/wildfly-swarm/wildfly-swarm-examples/blob/master/ribbo... > > We’ll document this better shortly. > > -Bob > > On Tue, Dec 15, 2015 at 11:11 AM, Orestis Tsakiridis < > orestis.tsakiridis(a)telestax.com&gt; wrote: > >> I see. >> >> So, i'll need to have a separate working keycloak server available for >> testing. No workarounds. Did i got this right ? >> >> >> >> >> >> On Tue, Dec 15, 2015 at 6:00 PM, Bill Burke <bburke(a)redhat.com&gt; wrote: >> >>> >>> >>> On 12/15/2015 10:54 AM, Orestis Tsakiridis wrote: >>> > Hello, >>> > >>> > I try to build automated tests for a keycloak secured REST >>> application. >>> > I plan to use arquilian as a test platform. >>> > >>> > Do i need to have a working keycloak server to be used in the tests ? >>> > Or is it possible to embed keycloak in the temporary deployment >>> created >>> > by arquilian? >>> > >>> >>> That's a real good point. Not sure how we are tackling this. >>> >>> > Btw, my endpoints don't use web.xml based security rules. I instead >>> use >>> > >>> > RSATokenVerifier.verifyToken() to manually verify the token. >>> > >>> > Thus, i suppose that being able to manually create auth tokens from my >>> > test cases (and not relying on a keycloak server) would also work. >>> > >>> >>> FYI, Keycloak client adapters do have a filter implementations now that >>> you can use. >>> >>> >>> -- >>> Bill Burke >>> JBoss, a division of Red Hat >>> http://bill.burkecentral.com >>> _______________________________________________ >>> keycloak-user mailing list >>> keycloak-user(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>> >> >> >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user >> > > _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user