Configured keycloak and fixed integration tests

ing-bank · Aug 12, 2022 · 7fdd1bc · 7fdd1bc
1 parent 05e5ba0
commit 7fdd1bc
Show file tree

Hide file tree

Showing 12 changed files with 63 additions and 30 deletions.
diff --git a/build.sbt b/build.sbt
@@ -12,7 +12,7 @@ scalacOptions := Seq(
   "-unchecked",
   "-deprecation",
   "-encoding", "utf-8",
-  "-target:jvm-1.8",
+  "-target:11",
   "-feature",
   "-Xlint",
   "-Xfatal-warnings",
@@ -25,7 +25,7 @@ assemblyJarName in assembly := "rokku-sts.jar"
 
 val akkaVersion = "2.6.19"
 val akkaHttpVersion = "10.2.9"
-val keycloakVersion = "8.0.2"
+val keycloakVersion = "16.1.1"
 val logbackJson = "0.1.5"
 
 libraryDependencies ++= Seq(
@@ -62,7 +62,7 @@ Defaults.itSettings
 parallelExecution in IntegrationTest := false
 
 javaOptions in Universal ++= Seq(
-  "-Dlogback.configurationFile=/rokku/logback.xml"
+  "-Dlogback.configurationFile=/rokku/logback.xml",
 )
 
 enablePlugins(JavaAppPackaging)
@@ -71,7 +71,7 @@ fork := true
 
 dockerExposedPorts := Seq(12345)
 dockerCommands += ExecCmd("ENV", "PROXY_HOST", "0.0.0.0")
-dockerBaseImage := "openjdk:8u171-jre-slim-stretch"
+dockerBaseImage := "openjdk:8u171-jre-slim-buster"
 dockerAlias := docker.DockerAlias(Some("docker.io"), Some("wbaa"), "rokku-sts", Some(rokkuStsVersion))
 
 scalariformPreferences := scalariformPreferences.value

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -2,14 +2,25 @@ version: "2"
 services:
 
   keycloak:
-    image: wbaa/rokku-dev-keycloak:0.0.9
+    image: jboss/keycloak:16.1.1
     environment:
       - KEYCLOAK_USER=admin
       - KEYCLOAK_PASSWORD=admin
       - DB_VENDOR=h2
+    volumes:
+      - ./keycloak/data:/opt/jboss/keycloak/standalone/data
     ports:
       - 8080:8080
 
+  nool:
+    image: wbaa/rokku-dev-keycloak:0.0.9
+    environment:
+      - KEYCLOAK_USER=admin
+      - KEYCLOAK_PASSWORD=admin
+      - DB_VENDOR=h2
+    ports:
+      - 8081:8080  
+
   mariadb:
     image: wbaa/rokku-dev-mariadb:0.0.8
     environment:

diff --git a/keycloak/data/kernel/process-uuid b/keycloak/data/kernel/process-uuid
@@ -0,0 +1 @@
+6895c06c-d735-46a1-90d7-c0c2c1ac0f80
diff --git a/keycloak/data/keycloak.lock.db b/keycloak/data/keycloak.lock.db
@@ -0,0 +1,6 @@
+#FileLock
+#Fri Aug 12 09:55:34 GMT 2022
+server=172.26.0.3\:40845
+hostName=d0d26d21a3d6
+method=file
+id=182917b0236589229c0cb40987878a043daa48ed417
diff --git a/keycloak/data/keycloak.mv.db b/keycloak/data/keycloak.mv.db
diff --git a/keycloak/data/keycloak.trace.db b/keycloak/data/keycloak.trace.db
@@ -0,0 +1,9 @@
+2022-08-10 10:08:21 jdbc[3]: exception
+org.h2.jdbc.JdbcSQLException: Table "DATABASECHANGELOGLOCK" not found; SQL statement:
+select count(*) from PUBLIC.DATABASECHANGELOGLOCK [42102-197]
+2022-08-10 10:08:25 jdbc[4]: exception
+org.h2.jdbc.JdbcSQLException: Table "DATABASECHANGELOG" not found; SQL statement:
+select count(*) from PUBLIC.DATABASECHANGELOG [42102-197]
+2022-08-10 10:08:29 jdbc[4]: exception
+org.h2.jdbc.JdbcSQLException: Table "DATABASECHANGELOG" not found; SQL statement:
+select count(*) from PUBLIC.DATABASECHANGELOG [42102-197]
diff --git a/...ject-store/ShadowNoFileLockStore/defaultStore/EISNAME/0_ffffc0a87003_7d92f3f6_62f38382_20 b/...ject-store/ShadowNoFileLockStore/defaultStore/EISNAME/0_ffffc0a87003_7d92f3f6_62f38382_20
diff --git a/project/build.properties b/project/build.properties
@@ -1 +1 @@
-sbt.version = 1.4.0
+sbt.version = 1.7.1
diff --git a/src/it/scala/com/ing/wbaa/rokku/sts/StsServiceItTest.scala b/src/it/scala/com/ing/wbaa/rokku/sts/StsServiceItTest.scala
@@ -28,7 +28,14 @@ class StsServiceItTest extends AsyncWordSpec with Diagrams
   override implicit val testSystem: ActorSystem = ActorSystem.create("test-system")
   override implicit val exContext: ExecutionContextExecutor = testSystem.dispatcher
 
-  private val validCredentials = Map("grant_type" -> "password", "username" -> "userone", "password" -> "password", "client_id" -> "sts-rokku")
+  val keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config)
+  private val validCredentials = Map(
+    "grant_type" -> "password",
+    "username" -> "userone",
+    "password" -> "password",
+    "client_id" -> keycloakSettings.resource,
+    "client_secret" -> keycloakSettings.clientSecret,
+  )
   private val invalidCredentials = validCredentials + ("password" -> "xxx")
   private val validAdminArn = "arn:aws:iam::account-id:role/admin"
   private val forbiddenSuperUserArn = "arn:aws:iam:account-id:role/superuser"
@@ -38,10 +45,6 @@ class StsServiceItTest extends AsyncWordSpec with Diagrams
     override val httpBind: String = "127.0.0.1"
   }
 
-  override val keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config) {
-    override val realmPublicKeyId: String = "FJ86GcF3jTbNLOco4NvZkUCIUmfYCqoqtOQeMfbhNlE"
-  }
-
   def withOAuth2TokenRequest(formData: Map[String, String])(testCode: KeycloackToken => Assertion): Future[Assertion] = {
     keycloackToken(formData).map(testCode(_))
   }
@@ -59,10 +62,7 @@ class StsServiceItTest extends AsyncWordSpec with Diagrams
 
       override protected[this] def httpSettings: HttpSettings = rokkuHttpSettings
 
-      override protected[this] def keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config) {
-        override val realmPublicKeyId: String = "FJ86GcF3jTbNLOco4NvZkUCIUmfYCqoqtOQeMfbhNlE"
-        override val issuerForList: Set[String] = Set("sts-rokku")
-      }
+      val keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config)
 
       override protected[this] def stsSettings: StsSettings = StsSettings(testSystem)
 
@@ -101,8 +101,8 @@ class StsServiceItTest extends AsyncWordSpec with Diagrams
     "return credentials for valid token" in withAwsClient { stsAwsClient =>
       withOAuth2TokenRequest(validCredentials) { keycloakToken =>
         val credentials = stsAwsClient.getSessionToken(new GetSessionTokenRequest()
-          .withTokenCode(keycloakToken.access_token))
-          .getCredentials
+        .withTokenCode(keycloakToken.access_token))
+        .getCredentials
 
         assert(!credentials.getAccessKeyId.isEmpty)
         assert(!credentials.getSecretAccessKey.isEmpty)

diff --git a/src/it/scala/com/ing/wbaa/rokku/sts/keycloak/KeycloakClientItTest.scala b/src/it/scala/com/ing/wbaa/rokku/sts/keycloak/KeycloakClientItTest.scala
@@ -15,10 +15,7 @@ class KeycloakClientItTest extends AsyncWordSpec with Diagrams with OAuth2TokenR
   override implicit val testSystem: ActorSystem = ActorSystem.create("test-system")
   override implicit val exContext: ExecutionContextExecutor = testSystem.dispatcher
 
-  override val keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config) {
-    override val realmPublicKeyId: String = "FJ86GcF3jTbNLOco4NvZkUCIUmfYCqoqtOQeMfbhNlE"
-    override val issuerForList: Set[String] = Set("sts-rokku")
-  }
+  val keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config)
 
   "Keycloak client" should {
     val username = "test"

diff --git a/src/it/scala/com/ing/wbaa/rokku/sts/keycloak/KeycloakTokenVerifierTest.scala b/src/it/scala/com/ing/wbaa/rokku/sts/keycloak/KeycloakTokenVerifierTest.scala
@@ -17,17 +17,26 @@ class KeycloakTokenVerifierTest extends AsyncWordSpec with Diagrams with OAuth2T
   override implicit val testSystem: ActorSystem = ActorSystem.create("test-system")
   override implicit val exContext: ExecutionContextExecutor = testSystem.dispatcher
 
-  override val keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config) {
-    override val realmPublicKeyId: String = "FJ86GcF3jTbNLOco4NvZkUCIUmfYCqoqtOQeMfbhNlE"
-    override val issuerForList: Set[String] = Set("sts-rokku")
-  }
+  val keycloakSettings: KeycloakSettings = new KeycloakSettings(testSystem.settings.config)
 
   private def withOAuth2TokenRequest(formData: Map[String, String])(testCode: KeycloackToken => Assertion): Future[Assertion] = {
     keycloackToken(formData).map(testCode)
   }
 
-  private val validCredentialsUser1 = Map("grant_type" -> "password", "username" -> "userone", "password" -> "password", "client_id" -> "sts-rokku")
-  private val validCredentialsUser2 = Map("grant_type" -> "password", "username" -> "testuser", "password" -> "password", "client_id" -> "sts-rokku")
+  private val validCredentialsUser1 = Map(
+    "grant_type" -> "password",
+    "username" -> "userone",
+    "password" -> "password",
+    "client_id" -> keycloakSettings.resource,
+    "client_secret" -> keycloakSettings.clientSecret,
+    )
+    private val validCredentialsUser2 = Map(
+      "grant_type" -> "password",
+      "username" -> "testuser",
+      "password" -> "password",
+      "client_id" -> keycloakSettings.resource,
+      "client_secret" -> keycloakSettings.clientSecret,
+     )
 
   "Keycloak verifier" should {
     "return verified token for user 1" in withOAuth2TokenRequest(validCredentialsUser1) { keycloakToken =>

diff --git a/src/main/resources/reference.conf b/src/main/resources/reference.conf
@@ -7,16 +7,16 @@ rokku {
         }
         # Default keycloak configuration file and realm public key id
         keycloak {
-            realmPublicKeyId = "FJ86GcF3jTbNLOco4NvZkUCIUmfYCqoqtOQeMfbhNlE"
+            realmPublicKeyId = "71Fo4peRHRc7XjPQMEMWFne3F_Hug3O-NT9bMP9YoQg"
             realm = "auth-rokku"
             resource = "sts-rokku"
             url = "http://127.0.0.1:8080"
-            clientSecret = ""
+            clientSecret = "q4dHVTDyViys4T0njCSSoS5Xto4GjA12"
             adminUsername = "rokkuadmin"
             adminPassword = "password"
             verifyToken {
                 checkRealmUrl = true
-                issuerForList = ""
+                issuerForList = "sts-rokku"
             }
         }