diff --git a/.github/workflows/ci-actions.yml b/.github/workflows/ci-actions.yml
index 5d42aa3dcfe9d..6b5c2329b134c 100644
--- a/.github/workflows/ci-actions.yml
+++ b/.github/workflows/ci-actions.yml
@@ -122,7 +122,7 @@ jobs:
services:
keycloak:
- image: quay.io/keycloak/keycloak:10.0.0
+ image: quay.io/keycloak/keycloak:10.0.1
env:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: admin
@@ -506,7 +506,7 @@ jobs:
-server -Xms64m -Xmx512m -XX:MetaspaceSize=96M \
-XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djava.awt.headless=true \
-Dkeycloak.profile.feature.upload_scripts=enabled" \
- -d quay.io/keycloak/keycloak:10.0.0
+ -d quay.io/keycloak/keycloak:10.0.1
if: matrix.keycloak
- uses: actions/checkout@v2
- name: Set up JDK 11
diff --git a/bom/runtime/pom.xml b/bom/runtime/pom.xml
index 5ffda6084abd8..0c332b9cc2aa5 100644
--- a/bom/runtime/pom.xml
+++ b/bom/runtime/pom.xml
@@ -184,7 +184,7 @@
5.3.1
4.7.2
1.1.1.Final
- 10.0.0
+ 10.0.1
1.14.0
0.1.55
1.1.1
diff --git a/build-parent/pom.xml b/build-parent/pom.xml
index 5e8d698369aa1..1003be0e45b99 100644
--- a/build-parent/pom.xml
+++ b/build-parent/pom.xml
@@ -81,7 +81,7 @@
- quay.io/keycloak/keycloak:10.0.0
+ quay.io/keycloak/keycloak:10.0.1
4.0.13
diff --git a/integration-tests/oidc-code-flow/src/main/java/io/quarkus/it/keycloak/AdminClientResource.java b/integration-tests/keycloak-authorization/src/main/java/io/quarkus/it/keycloak/AdminClientResource.java
similarity index 100%
rename from integration-tests/oidc-code-flow/src/main/java/io/quarkus/it/keycloak/AdminClientResource.java
rename to integration-tests/keycloak-authorization/src/main/java/io/quarkus/it/keycloak/AdminClientResource.java
diff --git a/integration-tests/keycloak-authorization/src/main/resources/application.properties b/integration-tests/keycloak-authorization/src/main/resources/application.properties
index b2f46482ed213..018acbf03470e 100644
--- a/integration-tests/keycloak-authorization/src/main/resources/application.properties
+++ b/integration-tests/keycloak-authorization/src/main/resources/application.properties
@@ -49,3 +49,4 @@ quarkus.keycloak.policy-enforcer.paths.8.name=Public
quarkus.keycloak.policy-enforcer.paths.8.path=/hello
quarkus.keycloak.policy-enforcer.paths.8.enforcement-mode=DISABLED
+admin-url=${keycloak.url}
\ No newline at end of file
diff --git a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/AdminClientTestCase.java b/integration-tests/keycloak-authorization/src/test/java/io/quarkus/it/keycloak/AdminClientTestCase.java
similarity index 100%
rename from integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/AdminClientTestCase.java
rename to integration-tests/keycloak-authorization/src/test/java/io/quarkus/it/keycloak/AdminClientTestCase.java
diff --git a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/NativeAdminClientITCase.java b/integration-tests/keycloak-authorization/src/test/java/io/quarkus/it/keycloak/NativeAdminClientITCase.java
similarity index 100%
rename from integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/NativeAdminClientITCase.java
rename to integration-tests/keycloak-authorization/src/test/java/io/quarkus/it/keycloak/NativeAdminClientITCase.java
diff --git a/integration-tests/oidc-code-flow/pom.xml b/integration-tests/oidc-code-flow/pom.xml
index c1721eacd20ea..037aa2143050c 100644
--- a/integration-tests/oidc-code-flow/pom.xml
+++ b/integration-tests/oidc-code-flow/pom.xml
@@ -23,10 +23,6 @@
io.quarkus
quarkus-oidc
-
- io.quarkus
- quarkus-keycloak-admin-client
-
io.quarkus
quarkus-resteasy-jackson
diff --git a/integration-tests/oidc-code-flow/src/main/resources/application.properties b/integration-tests/oidc-code-flow/src/main/resources/application.properties
index d157f43a7937d..d34ab11ae27f8 100644
--- a/integration-tests/oidc-code-flow/src/main/resources/application.properties
+++ b/integration-tests/oidc-code-flow/src/main/resources/application.properties
@@ -1,6 +1,3 @@
-# Configuration file
-admin-url=${keycloak.url}
-
# Default tenant configuration
quarkus.oidc.auth-server-url=${keycloak.url}/realms/quarkus
quarkus.oidc.client-id=quarkus-app
diff --git a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/KeycloakRealmResourceManager.java b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/KeycloakRealmResourceManager.java
index 0567a80f25d3b..bc49802bf10e1 100644
--- a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/KeycloakRealmResourceManager.java
+++ b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/KeycloakRealmResourceManager.java
@@ -1,58 +1,75 @@
package io.quarkus.it.keycloak;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
-import org.keycloak.admin.client.Keycloak;
-import org.keycloak.admin.client.KeycloakBuilder;
+import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.RolesRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
+import org.keycloak.util.JsonSerialization;
import io.quarkus.test.common.QuarkusTestResourceLifecycleManager;
+import io.restassured.RestAssured;
public class KeycloakRealmResourceManager implements QuarkusTestResourceLifecycleManager {
private static final String KEYCLOAK_SERVER_URL = System.getProperty("keycloak.url", "http://localhost:8180/auth");
- static final String KEYCLOAK_REALM = "quarkus";
-
- private Keycloak keycloak;
+ private static final String KEYCLOAK_REALM = "quarkus";
private List realms = new ArrayList<>();
@Override
public Map start() {
- keycloak = createKeycloakClient();
- RealmRepresentation realm = createRealm(KEYCLOAK_REALM);
- keycloak.realms().create(realm);
- realms.add(realm);
+ try {
+
+ RealmRepresentation realm = createRealm(KEYCLOAK_REALM);
+ createRealmInKeycloak(realm);
+ realms.add(realm);
- RealmRepresentation logoutRealm = createRealm("logout-realm");
- // revoke refresh tokens so that they can only be used once
- logoutRealm.setRevokeRefreshToken(true);
- logoutRealm.setRefreshTokenMaxReuse(0);
- logoutRealm.setSsoSessionMaxLifespan(15);
- logoutRealm.setAccessTokenLifespan(5);
- keycloak.realms().create(logoutRealm);
- realms.add(logoutRealm);
+ RealmRepresentation logoutRealm = createRealm("logout-realm");
+ // revoke refresh tokens so that they can only be used once
+ logoutRealm.setRevokeRefreshToken(true);
+ logoutRealm.setRefreshTokenMaxReuse(0);
+ logoutRealm.setSsoSessionMaxLifespan(15);
+ logoutRealm.setAccessTokenLifespan(5);
+ createRealmInKeycloak(logoutRealm);
+ realms.add(logoutRealm);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
return Collections.emptyMap();
}
- private static Keycloak createKeycloakClient() {
- return KeycloakBuilder.builder()
- .serverUrl(KEYCLOAK_SERVER_URL)
- .realm("master")
- .clientId("admin-cli")
- .username("admin")
- .password("admin")
- .build();
+ private static String getAdminAccessToken() {
+ return RestAssured
+ .given()
+ .param("grant_type", "password")
+ .param("username", "admin")
+ .param("password", "admin")
+ .param("client_id", "admin-cli")
+ .when()
+ .post(KEYCLOAK_SERVER_URL + "/realms/master/protocol/openid-connect/token")
+ .as(AccessTokenResponse.class).getToken();
+ }
+
+ private static void createRealmInKeycloak(RealmRepresentation realm) throws IOException {
+ RestAssured
+ .given()
+ .auth().oauth2(getAdminAccessToken())
+ .contentType("application/json")
+ .body(JsonSerialization.writeValueAsBytes(realm))
+ .when()
+ .post(KEYCLOAK_SERVER_URL + "/admin/realms").then()
+ .statusCode(201);
}
private static RealmRepresentation createRealm(String name) {
@@ -62,8 +79,8 @@ private static RealmRepresentation createRealm(String name) {
realm.setEnabled(true);
realm.setUsers(new ArrayList<>());
realm.setClients(new ArrayList<>());
- realm.setSsoSessionMaxLifespan(3); // 3 seconds
- realm.setAccessTokenLifespan(4); // 4 seconds
+ realm.setSsoSessionMaxLifespan(3); // sec
+ realm.setAccessTokenLifespan(4); // 3 seconds
RolesRepresentation roles = new RolesRepresentation();
List realmRoles = new ArrayList<>();
@@ -84,26 +101,26 @@ private static RealmRepresentation createRealm(String name) {
return realm;
}
- private static ClientRepresentation createClient(String clientId) {
+ private static ClientRepresentation createClientJwt(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setEnabled(true);
client.setRedirectUris(Arrays.asList("*"));
- client.setClientAuthenticatorType("client-secret");
- client.setSecret("secret");
+ client.setClientAuthenticatorType("client-secret-jwt");
+ client.setSecret("AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow");
return client;
}
- private static ClientRepresentation createClientJwt(String clientId) {
+ private static ClientRepresentation createClient(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setEnabled(true);
client.setRedirectUris(Arrays.asList("*"));
- client.setClientAuthenticatorType("client-secret-jwt");
- client.setSecret("AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow");
+ client.setClientAuthenticatorType("client-secret");
+ client.setSecret("secret");
return client;
}
@@ -130,11 +147,11 @@ private static UserRepresentation createUser(String username, String... realmRol
@Override
public void stop() {
for (RealmRepresentation realm : realms) {
- try {
- keycloak.realm(realm.getRealm()).remove();
- } catch (Exception ignore) {
-
- }
+ RestAssured
+ .given()
+ .auth().oauth2(getAdminAccessToken())
+ .when()
+ .delete(KEYCLOAK_SERVER_URL + "/admin/realms/" + realm.getRealm()).thenReturn().prettyPrint();
}
}
}