Add OAuthClient supplier for new test framework (#37487)

Closes #37486

Signed-off-by: stianst <[email protected]>

Author: stianst

pom.xml

@@ -1162,6 +1162,11 @@
                 <version>${project.version}</version>
                 <classifier>classes</classifier>
             </dependency>
+            <dependency>
+                <groupId>org.keycloak.tests</groupId>
+                <artifactId>keycloak-tests-utils-shared</artifactId>
+                <version>${project.version}</version>
+            </dependency>
 
             <dependency>
                 <groupId>org.keycloak</groupId>

test-framework/bom/pom.xml

@@ -81,6 +81,12 @@
                 <version>${project.version}</version>
                 <scope>test</scope>
             </dependency>
+            <dependency>
+                <groupId>org.keycloak.testframework</groupId>
+                <artifactId>keycloak-test-framework-oauth</artifactId>
+                <version>${project.version}</version>
+                <scope>test</scope>
+            </dependency>
             <dependency>
                 <groupId>org.keycloak.testframework</groupId>
                 <artifactId>keycloak-test-framework-email-server</artifactId>

test-framework/examples/tests/pom.xml

@@ -68,6 +68,10 @@
             <groupId>org.keycloak.testframework</groupId>
             <artifactId>keycloak-test-framework-db-postgres</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.keycloak.testframework</groupId>
+            <artifactId>keycloak-test-framework-oauth</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.keycloak.testframework</groupId>
             <artifactId>keycloak-test-framework-oauth-nimbus-poc</artifactId>

test-framework/examples/tests/src/test/java/org/keycloak/test/examples/NimbusOAuthClientTest.java

@@ -0,0 +1,103 @@
+package org.keycloak.test.examples;
+
+import com.nimbusds.oauth2.sdk.AuthorizationResponse;
+import com.nimbusds.oauth2.sdk.TokenIntrospectionResponse;
+import com.nimbusds.oauth2.sdk.TokenResponse;
+import com.nimbusds.oauth2.sdk.token.AccessToken;
+import jakarta.ws.rs.core.Response;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.keycloak.testframework.oauth.nimbus.annotations.InjectOAuthClient;
+import org.keycloak.testframework.annotations.InjectUser;
+import org.keycloak.testframework.annotations.KeycloakIntegrationTest;
+import org.keycloak.testframework.oauth.nimbus.OAuthClient;
+import org.keycloak.testframework.realm.ManagedUser;
+import org.keycloak.testframework.realm.UserConfig;
+import org.keycloak.testframework.realm.UserConfigBuilder;
+import org.keycloak.testframework.ui.annotations.InjectPage;
+import org.keycloak.testframework.ui.annotations.InjectWebDriver;
+import org.keycloak.testframework.ui.page.LoginPage;
+import org.openqa.selenium.WebDriver;
+
+import java.net.URI;
+import java.net.URL;
+
+@KeycloakIntegrationTest
+public class NimbusOAuthClientTest {
+
+    @InjectUser(config = OAuthUserConfig.class)
+    ManagedUser user;
+
+    @InjectOAuthClient
+    OAuthClient oAuthClient;
+
+    @InjectWebDriver
+    WebDriver webDriver;
+
+    @InjectPage
+    LoginPage loginPage;
+
+    @Test
+    public void testClientCredentials() throws Exception {
+        TokenResponse tokenResponse = oAuthClient.clientCredentialGrant();
+        Assertions.assertTrue(tokenResponse.indicatesSuccess());
+        Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
+    }
+
+    @Test
+    public void testIntrospection() throws Exception {
+        AccessToken accessToken = oAuthClient.clientCredentialGrant().toSuccessResponse().getTokens().getAccessToken();
+        TokenIntrospectionResponse introspectionResponse = oAuthClient.introspection(accessToken);
+        Assertions.assertTrue(introspectionResponse.indicatesSuccess());
+        Assertions.assertNotNull(introspectionResponse.toSuccessResponse().getIssuer());
+    }
+
+    @Test
+    public void testAuthorizationCode() throws Exception {
+        URL authorizationRequestURL = oAuthClient.authorizationRequest();
+        webDriver.navigate().to(authorizationRequestURL);
+        loginPage.fillLogin(user.getUsername(), user.getPassword());
+        loginPage.submit();
+
+        Assertions.assertEquals(1, oAuthClient.getCallbacks().size());
+
+        URI callbackUri = oAuthClient.getCallbacks().remove(0);
+
+        AuthorizationResponse authorizationResponse = AuthorizationResponse.parse(callbackUri);
+        Assertions.assertTrue(authorizationResponse.indicatesSuccess());
+        Assertions.assertNotNull(authorizationResponse.toSuccessResponse().getAuthorizationCode());
+
+        TokenResponse tokenResponse = oAuthClient.tokenRequest(authorizationResponse.toSuccessResponse().getAuthorizationCode());
+        Assertions.assertTrue(tokenResponse.indicatesSuccess());
+        Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
+    }
+
+    @Test
+    public void testAccessTokenRevocation() throws Exception {
+        TokenResponse tokenResponse = oAuthClient.clientCredentialGrant();
+        Assertions.assertTrue(tokenResponse.indicatesSuccess());
+        Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
+
+        AccessToken accessToken = tokenResponse.toSuccessResponse().getTokens().getAccessToken();
+        TokenIntrospectionResponse introspectionResponse = oAuthClient.introspection(accessToken);
+        Assertions.assertTrue(introspectionResponse.indicatesSuccess());
+        Assertions.assertNotNull(introspectionResponse.toSuccessResponse().getScope());
+
+        Assertions.assertEquals(Response.Status.OK.getStatusCode(), oAuthClient.revokeAccessToken(accessToken).getStatusCode());
+
+        introspectionResponse = oAuthClient.introspection(accessToken);
+        Assertions.assertTrue(introspectionResponse.indicatesSuccess());
+        Assertions.assertNull(introspectionResponse.toSuccessResponse().getScope());
+    }
+
+    public static class OAuthUserConfig implements UserConfig {
+
+        @Override
+        public UserConfigBuilder configure(UserConfigBuilder user) {
+            return user.name("First", "Last")
+                    .email("test@local")
+                    .password("password");
+        }
+    }
+
+}

test-framework/examples/tests/src/test/java/org/keycloak/test/examples/OAuthClientTest.java

@@ -1,100 +1,93 @@
 package org.keycloak.test.examples;
 
-import com.nimbusds.oauth2.sdk.AuthorizationResponse;
-import com.nimbusds.oauth2.sdk.TokenIntrospectionResponse;
-import com.nimbusds.oauth2.sdk.TokenResponse;
-import com.nimbusds.oauth2.sdk.token.AccessToken;
-import jakarta.ws.rs.core.Response;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
-import org.keycloak.testframework.oauth.nimbus.annotations.InjectOAuthClient;
+import org.keycloak.testframework.annotations.InjectClient;
+import org.keycloak.testframework.annotations.InjectRealm;
 import org.keycloak.testframework.annotations.InjectUser;
 import org.keycloak.testframework.annotations.KeycloakIntegrationTest;
-import org.keycloak.testframework.oauth.nimbus.OAuthClient;
+import org.keycloak.testframework.oauth.OAuthClient;
+import org.keycloak.testframework.oauth.annotations.InjectOAuthClient;
+import org.keycloak.testframework.realm.ClientConfig;
+import org.keycloak.testframework.realm.ClientConfigBuilder;
+import org.keycloak.testframework.realm.ManagedClient;
+import org.keycloak.testframework.realm.ManagedRealm;
 import org.keycloak.testframework.realm.ManagedUser;
 import org.keycloak.testframework.realm.UserConfig;
 import org.keycloak.testframework.realm.UserConfigBuilder;
-import org.keycloak.testframework.ui.annotations.InjectPage;
-import org.keycloak.testframework.ui.annotations.InjectWebDriver;
-import org.keycloak.testframework.ui.page.LoginPage;
-import org.openqa.selenium.WebDriver;
-
-import java.net.URI;
-import java.net.URL;
+import org.keycloak.testsuite.util.oauth.AccessTokenResponse;
+import org.keycloak.testsuite.util.oauth.TokenRevocationResponse;
 
 @KeycloakIntegrationTest
 public class OAuthClientTest {
 
-    @InjectUser(config = OAuthUserConfig.class)
-    ManagedUser user;
-
     @InjectOAuthClient
     OAuthClient oAuthClient;
 
-    @InjectWebDriver
-    WebDriver webDriver;
+    @InjectRealm
+    ManagedRealm managedRealm;
 
-    @InjectPage
-    LoginPage loginPage;
+    @InjectClient(config = OAuthClientConfig.class)
+    ManagedClient client;
 
-    @Test
-    public void testClientCredentials() throws Exception {
-        TokenResponse tokenResponse = oAuthClient.clientCredentialGrant();
-        Assertions.assertTrue(tokenResponse.indicatesSuccess());
-        Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
-    }
+    @InjectUser(config = OAuthUserConfig.class)
+    ManagedUser user;
 
     @Test
-    public void testIntrospection() throws Exception {
-        AccessToken accessToken = oAuthClient.clientCredentialGrant().toSuccessResponse().getTokens().getAccessToken();
-        TokenIntrospectionResponse introspectionResponse = oAuthClient.introspection(accessToken);
-        Assertions.assertTrue(introspectionResponse.indicatesSuccess());
-        Assertions.assertNotNull(introspectionResponse.toSuccessResponse().getIssuer());
+    public void testConfig() {
+        Assertions.assertEquals(managedRealm.getName(), oAuthClient.config().getRealm());
+        Assertions.assertEquals(managedRealm.getBaseUrl() + "/protocol/openid-connect/token", oAuthClient.getEndpoints().getToken());
     }
 
     @Test
-    public void testAuthorizationCode() throws Exception {
-        URL authorizationRequestURL = oAuthClient.authorizationRequest();
-        webDriver.navigate().to(authorizationRequestURL);
-        loginPage.fillLogin(user.getUsername(), user.getPassword());
-        loginPage.submit();
+    public void testPasswordGrant() {
+        AccessTokenResponse accessTokenResponse = oAuthClient.doPasswordGrantRequest(user.getUsername(), user.getPassword());
+        Assertions.assertTrue(accessTokenResponse.isSuccess());
 
-        Assertions.assertEquals(1, oAuthClient.getCallbacks().size());
+        accessTokenResponse = oAuthClient.passwordGrantRequest(user.getUsername(), "invalid").send();
+        Assertions.assertFalse(accessTokenResponse.isSuccess());
+        Assertions.assertEquals("Invalid user credentials", accessTokenResponse.getErrorDescription());
+    }
 
-        URI callbackUri = oAuthClient.getCallbacks().remove(0);
+    @Test
+    public void testClientCredential() {
+        AccessTokenResponse accessTokenResponse = oAuthClient.doClientCredentialsGrantAccessTokenRequest();
+        Assertions.assertTrue(accessTokenResponse.isSuccess());
+    }
 
-        AuthorizationResponse authorizationResponse = AuthorizationResponse.parse(callbackUri);
-        Assertions.assertTrue(authorizationResponse.indicatesSuccess());
-        Assertions.assertNotNull(authorizationResponse.toSuccessResponse().getAuthorizationCode());
+    @Test
+    public void testRefresh() {
+        AccessTokenResponse accessTokenResponse = oAuthClient.doPasswordGrantRequest(user.getUsername(), user.getPassword());
 
-        TokenResponse tokenResponse = oAuthClient.tokenRequest(authorizationResponse.toSuccessResponse().getAuthorizationCode());
-        Assertions.assertTrue(tokenResponse.indicatesSuccess());
-        Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
+        AccessTokenResponse refreshResponse = oAuthClient.doRefreshTokenRequest(accessTokenResponse.getRefreshToken());
+        Assertions.assertTrue(refreshResponse.isSuccess());
+        Assertions.assertNotEquals(accessTokenResponse.getAccessToken(), refreshResponse.getAccessToken());
     }
 
     @Test
-    public void testAccessTokenRevocation() throws Exception {
-        TokenResponse tokenResponse = oAuthClient.clientCredentialGrant();
-        Assertions.assertTrue(tokenResponse.indicatesSuccess());
-        Assertions.assertNotNull(tokenResponse.toSuccessResponse().getTokens().getAccessToken());
+    public void testRevocation() {
+        AccessTokenResponse accessTokenResponse = oAuthClient.doPasswordGrantRequest(user.getUsername(), user.getPassword());
 
-        AccessToken accessToken = tokenResponse.toSuccessResponse().getTokens().getAccessToken();
-        TokenIntrospectionResponse introspectionResponse = oAuthClient.introspection(accessToken);
-        Assertions.assertTrue(introspectionResponse.indicatesSuccess());
-        Assertions.assertNotNull(introspectionResponse.toSuccessResponse().getScope());
+        TokenRevocationResponse tokenRevocationResponse = oAuthClient.doTokenRevoke(accessTokenResponse.getRefreshToken());
+        Assertions.assertTrue(tokenRevocationResponse.isSuccess());
 
-        Assertions.assertEquals(Response.Status.OK.getStatusCode(), oAuthClient.revokeAccessToken(accessToken).getStatusCode());
+        AccessTokenResponse refreshResponse = oAuthClient.doRefreshTokenRequest(accessTokenResponse.getRefreshToken());
+        Assertions.assertFalse(refreshResponse.isSuccess());
+    }
+
+    public static class OAuthClientConfig implements ClientConfig {
 
-        introspectionResponse = oAuthClient.introspection(accessToken);
-        Assertions.assertTrue(introspectionResponse.indicatesSuccess());
-        Assertions.assertNull(introspectionResponse.toSuccessResponse().getScope());
+        @Override
+        public ClientConfigBuilder configure(ClientConfigBuilder client) {
+            return client.clientId("myclient").secret("mysecret").directAccessGrants().serviceAccount();
+        }
     }
 
     public static class OAuthUserConfig implements UserConfig {
 
         @Override
         public UserConfigBuilder configure(UserConfigBuilder user) {
-            return user.name("First", "Last")
+            return user.username("myuser").name("First", "Last")
                     .email("test@local")
                     .password("password");
         }

test-framework/oauth/pom.xml

@@ -0,0 +1,50 @@
+<?xml version="1.0"?>
+<!--
+  ~ Copyright 2016 Red Hat, Inc. and/or its affiliates
+  ~ and other contributors as indicated by the @author tags.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <parent>
+        <artifactId>keycloak-test-framework-parent</artifactId>
+        <groupId>org.keycloak.testframework</groupId>
+        <version>999.0.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>keycloak-test-framework-oauth</artifactId>
+    <name>Keycloak Test Framework</name>
+    <packaging>jar</packaging>
+    <description>OAuth extension for Keycloak Test Framework</description>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.keycloak.testframework</groupId>
+            <artifactId>keycloak-test-framework-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak.testframework</groupId>
+            <artifactId>keycloak-test-framework-ui</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak.tests</groupId>
+            <artifactId>keycloak-tests-utils-shared</artifactId>
+        </dependency>
+    </dependencies>
+</project>

test-framework/oauth/src/main/java/org/keycloak/testframework/oauth/OAuthClient.java

@@ -0,0 +1,21 @@
+package org.keycloak.testframework.oauth;
+
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.keycloak.OAuth2Constants;
+import org.keycloak.testsuite.util.oauth.AbstractOAuthClient;
+import org.keycloak.testsuite.util.oauth.OAuthClientConfig;
+import org.openqa.selenium.WebDriver;
+
+public class OAuthClient extends AbstractOAuthClient<OAuthClient> {
+
+    public OAuthClient(String baseUrl, CloseableHttpClient httpClient, WebDriver webDriver) {
+        super(baseUrl, httpClient, webDriver);
+
+        config = new OAuthClientConfig()
+                .responseType(OAuth2Constants.CODE);
+    }
+
+    public void close() {
+    }
+
+}