test: move one external idp

ci/init-plugin-test-service.sh

@@ -51,6 +51,7 @@ after() {
     # configure keycloak
     docker exec apisix_keycloak bash /tmp/kcadm_configure_cas.sh
     docker exec apisix_keycloak bash /tmp/kcadm_configure_university.sh
+    docker exec apisix_keycloak bash /tmp/kcadm_configure_basic.sh
 
     # configure clickhouse
     echo 'CREATE TABLE default.test (`host` String, `client_ip` String, `route_id` String, `service_id` String, `@timestamp` String, PRIMARY KEY(`@timestamp`)) ENGINE = MergeTree()' | curl 'http://localhost:8123/' --data-binary @-

ci/pod/docker-compose.plugin.yml

@@ -57,6 +57,7 @@ services:
       - ./ci/pod/keycloak/server.key.pem:/opt/keycloak/conf/server.key.pem
       - ./ci/pod/keycloak/kcadm_configure_cas.sh:/tmp/kcadm_configure_cas.sh
       - ./ci/pod/keycloak/kcadm_configure_university.sh:/tmp/kcadm_configure_university.sh
+      - ./ci/pod/keycloak/kcadm_configure_basic.sh:/tmp/kcadm_configure_basic.sh
 
   ## kafka-cluster
   zookeeper-server1:

ci/pod/keycloak/kcadm_configure_basic.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+export PATH=/opt/keycloak/bin:$PATH
+
+kcadm.sh config credentials --server http://localhost:8080 --realm master --user admin --password admin
+
+# create realm 
+kcadm.sh create realms -s realm=basic -s enabled=true
+
+# create client test
+kcadm.sh create clients -r basic -s clientId=apisix -s enabled=true -s clientAuthenticatorType=client-secret -s secret=secret -s 'redirectUris=["*"]'

t/plugin/openid-connect.t

@@ -107,7 +107,7 @@ done
                                 "client_id": "kbyuFDidLLm280LIwVFiazOqjO3ty8KH",
                                 "client_secret": "60Op4HFM0I8ajz0WdiStAbziZ-VFQttXuxixHHs2R7r7-CW8GR79l-mmLqMhc-Sa",
                                 "client_rsa_private_key": "89ae4c8edadf1cd1c9f034335f136f87ad84b625c8f1",
-                                "discovery": "http://127.0.0.1:1980/.well-known/openid-configuration",
+                                "discovery": "http://127.0.0.1:8080/realms/basic/.well-known/openid-configuration",
                                 "redirect_uri": "https://iresty.com",
                                 "ssl_verify": false,
                                 "timeout": 10,
@@ -166,9 +166,9 @@ qO8TJbXcxCUnkkaTs3PxWDk5a54lv7FmngKQaxuXV4cL+7Kp1R4D8NS4w88so4e+
             local res, err = httpc:request_uri(uri, {method = "GET"})
             ngx.status = res.status
             local location = res.headers['Location']
-            if location and string.find(location, 'https://samples.auth0.com/authorize') ~= -1 and
+            if location and string.find(location, 'http://127.0.0.1:8080/realms/basic/protocol/openid-connect/auth') ~= -1 and
                 string.find(location, 'scope=apisix') ~= -1 and
-                string.find(location, 'client_id=kbyuFDidLLm280LIwVFiazOqjO3ty8KH') ~= -1 and
+                string.find(location, 'client_id=apisix') ~= -1 and
                 string.find(location, 'response_type=code') ~= -1 and
                 string.find(location, 'redirect_uri=https://iresty.com') ~= -1 then
                 ngx.say(true)