mirror of
https://github.com/keycloak/keycloak.git
synced 2026-01-25 16:42:34 +00:00
KEYCLOAK-736 Database migration support"
This commit is contained in:
@@ -67,7 +67,7 @@
|
||||
"driverDialect": "${keycloak.connectionsJpa.driverDialect:}",
|
||||
"user": "${keycloak.connectionsJpa.user:sa}",
|
||||
"password": "${keycloak.connectionsJpa.password:}",
|
||||
"databaseSchema": "${keycloak.connectionsJpa.databaseSchema:create-drop}",
|
||||
"databaseSchema": "${keycloak.connectionsJpa.databaseSchema:update}",
|
||||
"showSql": "${keycloak.connectionsJpa.showSql:false}",
|
||||
"formatSql": "${keycloak.connectionsJpa.formatSql:true}"
|
||||
}
|
||||
@@ -78,7 +78,7 @@
|
||||
"host": "${keycloak.connectionsMongo.host:127.0.0.1}",
|
||||
"port": "${keycloak.connectionsMongo.port:27017}",
|
||||
"db": "${keycloak.connectionsMongo.db:keycloak}",
|
||||
"clearOnStartup": "${keycloak.connectionsMongo.clearOnStartup:false}"
|
||||
"databaseSchema": "${keycloak.connectionsMongo.databaseSchema:update}"
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -6,6 +6,15 @@ log4j.appender.stdout.layout.ConversionPattern=%d{HH:mm:ss,SSS} %-5p [%c] %m%n
|
||||
|
||||
log4j.logger.org.keycloak=info
|
||||
|
||||
# Enable to view loaded SPI and Providers
|
||||
# log4j.logger.org.keycloak.services.DefaultKeycloakSessionFactory=debug
|
||||
|
||||
# Enable to view database updates
|
||||
# log4j.logger.org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider=debug
|
||||
# log4j.logger.org.keycloak.connections.mongo.updater.DefaultMongoUpdaterProvider=debug
|
||||
|
||||
# log4j.logger.org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory=debug
|
||||
|
||||
log4j.logger.org.xnio=off
|
||||
log4j.logger.org.hibernate=off
|
||||
log4j.logger.org.jboss.resteasy=warn
|
||||
@@ -157,15 +157,11 @@ public class AccountTest {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
@Ignore
|
||||
public void runit() throws Exception {
|
||||
Thread.sleep(10000000);
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
// @Test
|
||||
// @Ignore
|
||||
// public void runit() throws Exception {
|
||||
// Thread.sleep(10000000);
|
||||
// }
|
||||
|
||||
@Test
|
||||
public void returnToAppFromQueryParam() {
|
||||
|
||||
@@ -54,7 +54,7 @@ public class CompositeImportRoleTest {
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/testcomposite.json"), RealmRepresentation.class);
|
||||
representation.setId("Test");
|
||||
representation.setId("test");
|
||||
RealmModel realm = manager.importRealm(representation);
|
||||
|
||||
realmPublicKey = realm.getPublicKey();
|
||||
@@ -78,7 +78,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
@Test
|
||||
public void testAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_COMPOSITE_APPLICATION");
|
||||
oauth.doLogin("APP_COMPOSITE_USER", "password");
|
||||
@@ -92,7 +92,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
@@ -103,7 +103,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_ROLE_APPLICATION");
|
||||
oauth.doLogin("REALM_APP_COMPOSITE_USER", "password");
|
||||
@@ -117,7 +117,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertTrue(token.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
|
||||
@@ -127,7 +127,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
@@ -141,7 +141,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(2, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_COMPOSITE_1"));
|
||||
@@ -150,7 +150,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppRole() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_ROLE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
@@ -164,7 +164,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
@@ -172,7 +172,7 @@ public class CompositeImportRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserRoleAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_ROLE_1_USER", "password");
|
||||
@@ -186,13 +186,10 @@ public class CompositeImportRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_ROLE_1_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_ROLE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -58,7 +58,7 @@ public class CompositeRoleTest {
|
||||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule(){
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
RealmModel realm = manager.createRealm("Test");
|
||||
RealmModel realm = manager.createRealm("test");
|
||||
KeycloakModelUtils.generateRealmKeys(realm);
|
||||
realmPublicKey = realm.getPublicKey();
|
||||
realm.setSsoSessionIdleTimeout(3000);
|
||||
@@ -166,7 +166,7 @@ public class CompositeRoleTest {
|
||||
|
||||
@Test
|
||||
public void testAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_COMPOSITE_APPLICATION");
|
||||
oauth.doLogin("APP_COMPOSITE_USER", "password");
|
||||
@@ -180,7 +180,7 @@ public class CompositeRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
@@ -194,7 +194,7 @@ public class CompositeRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_ROLE_APPLICATION");
|
||||
oauth.doLogin("REALM_APP_COMPOSITE_USER", "password");
|
||||
@@ -208,7 +208,7 @@ public class CompositeRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertTrue(token.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
|
||||
@@ -219,7 +219,7 @@ public class CompositeRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
@@ -233,7 +233,7 @@ public class CompositeRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(2, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_COMPOSITE_1"));
|
||||
@@ -245,7 +245,7 @@ public class CompositeRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppRole() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_ROLE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
@@ -259,7 +259,7 @@ public class CompositeRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
@@ -270,7 +270,7 @@ public class CompositeRoleTest {
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserRoleAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realm("test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_ROLE_1_USER", "password");
|
||||
@@ -284,7 +284,7 @@ public class CompositeRoleTest {
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_ROLE_1_USER").getId(), token.getSubject());
|
||||
Assert.assertEquals(keycloakRule.getUser("test", "REALM_ROLE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
|
||||
@@ -64,7 +64,7 @@ public class ExportImportTest {
|
||||
propsHelper.pushProperty(JPA_CONNECTION_URL, "jdbc:h2:file:" + dbDir + ";DB_CLOSE_DELAY=-1");
|
||||
connectionURLSet = true;
|
||||
}
|
||||
propsHelper.pushProperty(JPA_DB_SCHEMA, "create");
|
||||
propsHelper.pushProperty(JPA_DB_SCHEMA, "update");
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -98,7 +98,6 @@ public class ExportImportTest {
|
||||
addUser(manager.getSession().users(), appRealm, "user1", "password");
|
||||
addUser(manager.getSession().users(), appRealm, "user2", "password");
|
||||
addUser(manager.getSession().users(), appRealm, "user3", "password");
|
||||
addUser(manager.getSession().users(), adminstrationRealm, "admin2", "admin2");
|
||||
|
||||
// Import "test-realm" realm
|
||||
try {
|
||||
@@ -129,6 +128,10 @@ public class ExportImportTest {
|
||||
systemProps.remove(propToRemove);
|
||||
}
|
||||
}
|
||||
|
||||
protected String[] getTestRealms() {
|
||||
return new String[]{"test", "demo", "test-realm"};
|
||||
}
|
||||
};
|
||||
|
||||
@ClassRule
|
||||
@@ -222,10 +225,6 @@ public class ExportImportTest {
|
||||
new RealmManager(session).removeRealm(realmProvider.getRealmByName("test"));
|
||||
Assert.assertEquals(2, realmProvider.getRealms().size());
|
||||
|
||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||
session.users().removeUser(master, admin2);
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
@@ -247,7 +246,6 @@ public class ExportImportTest {
|
||||
UserProvider userProvider = session.users();
|
||||
Assert.assertEquals(3, model.getRealms().size());
|
||||
|
||||
assertAuthenticated(userProvider, model, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertAuthenticated(userProvider, model, "test", "test-user@localhost", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user1", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user2", "password");
|
||||
@@ -275,11 +273,6 @@ public class ExportImportTest {
|
||||
new RealmManager(session).removeRealm(realmProvider.getRealmByName("test"));
|
||||
Assert.assertEquals(2, realmProvider.getRealms().size());
|
||||
|
||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||
session.users().removeUser(master, admin2);
|
||||
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
@@ -301,13 +294,10 @@ public class ExportImportTest {
|
||||
UserProvider userProvider = session.users();
|
||||
Assert.assertEquals(3, realmProvider.getRealms().size());
|
||||
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user3", "password");
|
||||
|
||||
addUser(userProvider, realmProvider.getRealmByName(Config.getAdminRealm()), "admin2", "admin2");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
|
||||
@@ -30,12 +30,15 @@ import java.net.Socket;
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||
|
||||
protected KeycloakServer server;
|
||||
|
||||
protected void before() throws Throwable {
|
||||
server = new KeycloakServer();
|
||||
server.start();
|
||||
|
||||
removeTestRealms();
|
||||
|
||||
setupKeycloak();
|
||||
}
|
||||
|
||||
@@ -123,6 +126,7 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||
deploymentInfo.addServlet(servlet);
|
||||
return deploymentInfo;
|
||||
}
|
||||
|
||||
public void deployApplication(String name, String contextPath, Class<? extends Servlet> servletClass, String adapterConfigPath, String role) {
|
||||
deployApplication(name, contextPath, servletClass, adapterConfigPath, role, true);
|
||||
|
||||
@@ -147,9 +151,27 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||
|
||||
@Override
|
||||
protected void after() {
|
||||
removeTestRealms();
|
||||
stopServer();
|
||||
}
|
||||
|
||||
protected void removeTestRealms() {
|
||||
KeycloakSession session = server.getSessionFactory().create();
|
||||
try {
|
||||
session.getTransaction().begin();
|
||||
RealmManager realmManager = new RealmManager(session);
|
||||
for (String realmName : getTestRealms()) {
|
||||
RealmModel realm = realmManager.getRealmByName(realmName);
|
||||
if (realm != null) {
|
||||
realmManager.removeRealm(realm);
|
||||
}
|
||||
}
|
||||
session.getTransaction().commit();
|
||||
} finally {
|
||||
session.close();
|
||||
}
|
||||
}
|
||||
|
||||
public RealmRepresentation loadJson(String path) throws IOException {
|
||||
InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(path);
|
||||
ByteArrayOutputStream os = new ByteArrayOutputStream();
|
||||
@@ -169,7 +191,7 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||
|
||||
public void stopSession(KeycloakSession session, boolean commit) {
|
||||
KeycloakTransaction transaction = session.getTransaction();
|
||||
if (commit) {
|
||||
if (commit && !transaction.getRollbackOnly()) {
|
||||
transaction.commit();
|
||||
} else {
|
||||
transaction.rollback();
|
||||
@@ -208,4 +230,9 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||
Thread.currentThread().interrupt();
|
||||
}
|
||||
}
|
||||
|
||||
protected String[] getTestRealms() {
|
||||
return new String[]{"test", "demo"};
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"id": "Test",
|
||||
"realm": "Test",
|
||||
"id": "test",
|
||||
"realm": "test",
|
||||
"enabled": true,
|
||||
"accessTokenLifespan": 600,
|
||||
"accessCodeLifespan": 600,
|
||||
|
||||
Reference in New Issue
Block a user