From 383b905dab1ccf7627403137ebe4980789925756 Mon Sep 17 00:00:00 2001
From: Alexander Schwartz
Date: Thu, 7 Mar 2024 12:00:45 +0100
Subject: [PATCH] Limit the received content when handling the content as a
String
Closes #27293
Co-authored-by: rmartinc
Signed-off-by: rmartinc
Signed-off-by: Alexander Schwartz
---
.../topics/changes/changes-25_0_0.adoc | 14 ++
.../broker/provider/util/SimpleHttp.java | 52 ++++---
.../httpclient/HttpClientProvider.java | 13 ++
.../httpclient/SafeInputStream.java | 69 +++++++++
.../broker/provider/util/SimpleHttpTest.java | 62 +++++---
.../httpclient/DefaultHttpClientFactory.java | 34 +++--
.../httpclient/SafeBasicResponseHandler.java | 41 ++++++
.../httpclient/SafeHttpEntity.java | 88 ++++++++++++
.../SafeBasicResponseHandlerTest.java | 68 +++++++++
.../broker/util/SimpleHttpDefault.java | 52 +++++++
.../keycloak/testsuite/util/OAuthClient.java | 5 +-
.../account/AbstractRestServiceTest.java | 3 +-
...ountRestServiceReadOnlyAttributesTest.java | 15 +-
.../account/AccountRestServiceTest.java | 133 +++++++++---------
...AccountRestServiceWithUserProfileTest.java | 5 +-
.../LinkedAccountsRestServiceTest.java | 7 +-
.../account/ResourcesRestServiceTest.java | 21 +--
.../account/SessionRestServiceTest.java | 27 ++--
.../admin/AdminConsoleLandingPageTest.java | 3 +-
...AdminConsolePermissionsCalculatedTest.java | 3 +-
.../admin/AdminConsoleWhoAmILocaleTest.java | 13 +-
.../testsuite/broker/KcOidcBrokerTest.java | 3 +-
.../KcOidcBrokerTransientSessionsTest.java | 3 +-
.../error/UncaughtErrorPageTest.java | 3 +-
.../ldap/LDAPAccountRestApiTest.java | 27 ++--
...BackwardsCompatibilityUserStorageTest.java | 5 +-
.../migration/AbstractMigrationTest.java | 3 +-
.../testsuite/oauth/OAuthRedirectUriTest.java | 5 +-
.../testsuite/oauth/TokenRevocationTest.java | 3 +-
.../oidc/OIDCAdvancedRequestParamsTest.java | 9 +-
.../oidc/OIDCWellKnownProviderTest.java | 5 +-
.../testsuite/url/DefaultHostnameTest.java | 7 +-
32 files changed, 607 insertions(+), 194 deletions(-)
create mode 100644 server-spi-private/src/main/java/org/keycloak/connections/httpclient/SafeInputStream.java
create mode 100644 services/src/main/java/org/keycloak/connections/httpclient/SafeBasicResponseHandler.java
create mode 100644 services/src/main/java/org/keycloak/connections/httpclient/SafeHttpEntity.java
create mode 100644 services/src/test/java/org/keycloak/connections/httpclient/SafeBasicResponseHandlerTest.java
create mode 100644 testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/broker/util/SimpleHttpDefault.java
diff --git a/docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc b/docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc
index 8a9601781f3a..ba82f9e3375f 100644
--- a/docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc
+++ b/docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc
@@ -4,6 +4,20 @@ The nonce claim is now only added to the ID token strictly following the OpenID
A new `Nonce backwards compatible` mapper is also included in the software that can be assigned to client scopes to revert to the old behavior. For example, the JS adapter checked the returned `nonce` claim in all the tokens before fixing issue https://github.com/keycloak/keycloak/issues/26651[#26651] in version 24.0.0. Therefore, if an old version of the JS adapter is used, the mapper should be added to the required clients by using client scopes.
+= Limiting memory usage when consuming HTTP responses
+
+In some scenarios like brokering Keycloak uses HTTP to talk to external servers.
+To avoid a denial of service when those providers send too much data, {project_name} now restricts responses to 10 MB by default.
+
+Users can configure this limit by setting the provider configuration option `spi-connections-http-client-default-max-consumed-response-size`:
+
+.Restricting the consumed responses to 1 MB
+[source,bash]
+----
+bin/kc.[sh|bat] --spi-connections-http-client-default-max-consumed-response-size=1000000
+----
+
+
= Removed a model module
The module `org.keycloak:keycloak-model-legacy` module was deprecated in a previous release and is removed in this release. Use the `org.keycloak:keycloak-model-storage` module instead.
diff --git a/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java b/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java
index d40274c159f1..dc3c917acfa9 100755
--- a/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java
+++ b/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java
@@ -43,6 +43,7 @@
import org.apache.http.message.BasicNameValuePair;
import org.keycloak.common.util.Base64;
import org.keycloak.connections.httpclient.HttpClientProvider;
+import org.keycloak.connections.httpclient.SafeInputStream;
import org.keycloak.models.KeycloakSession;
import org.keycloak.util.JsonSerialization;
@@ -86,48 +87,54 @@ public class SimpleHttp {
private int connectionRequestTimeoutMillis = UNDEFINED_TIMEOUT;
+ private long maxConsumedResponseSize;
+
private RequestConfig.Builder requestConfigBuilder;
- protected SimpleHttp(String url, String method, HttpClient client) {
+ protected SimpleHttp(String url, String method, HttpClient client, long maxConsumedResponseSize) {
this.client = client;
this.url = url;
this.method = method;
+ this.maxConsumedResponseSize = maxConsumedResponseSize;
}
public static SimpleHttp doDelete(String url, KeycloakSession session) {
- return doDelete(url, session.getProvider(HttpClientProvider.class).getHttpClient());
+ HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
+ return doDelete(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
}
- public static SimpleHttp doDelete(String url, HttpClient client) {
- return new SimpleHttp(url, "DELETE", client);
+ protected static SimpleHttp doDelete(String url, HttpClient client, long maxConsumedResponseSize) {
+ return new SimpleHttp(url, "DELETE", client, maxConsumedResponseSize);
}
public static SimpleHttp doGet(String url, KeycloakSession session) {
- return doGet(url, session.getProvider(HttpClientProvider.class).getHttpClient());
+ HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
+ return doGet(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
}
- public static SimpleHttp doGet(String url, HttpClient client) {
- return new SimpleHttp(url, "GET", client);
+ protected static SimpleHttp doGet(String url, HttpClient client, long maxConsumedResponseSize) {
+ return new SimpleHttp(url, "GET", client, maxConsumedResponseSize);
}
public static SimpleHttp doPost(String url, KeycloakSession session) {
- return doPost(url, session.getProvider(HttpClientProvider.class).getHttpClient());
+ HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
+ return doPost(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
}
- public static SimpleHttp doPost(String url, HttpClient client) {
- return new SimpleHttp(url, "POST", client);
+ protected static SimpleHttp doPost(String url, HttpClient client, long maxConsumedResponseSize) {
+ return new SimpleHttp(url, "POST", client, maxConsumedResponseSize);
}
- public static SimpleHttp doPut(String url, HttpClient client) {
- return new SimpleHttp(url, "PUT", client);
+ protected static SimpleHttp doPut(String url, HttpClient client, long maxConsumedResponseSize) {
+ return new SimpleHttp(url, "PUT", client, maxConsumedResponseSize);
}
- public static SimpleHttp doHead(String url, HttpClient client) {
- return new SimpleHttp(url, "HEAD", client);
+ protected static SimpleHttp doHead(String url, HttpClient client, long maxConsumedResponseSize) {
+ return new SimpleHttp(url, "HEAD", client, maxConsumedResponseSize);
}
- public static SimpleHttp doPatch(String url, HttpClient client) {
- return new SimpleHttp(url, "PATCH", client);
+ protected static SimpleHttp doPatch(String url, HttpClient client, long maxConsumedResponseSize) {
+ return new SimpleHttp(url, "PATCH", client, maxConsumedResponseSize);
}
public SimpleHttp header(String name, String value) {
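Review bot: `doPut`, `doHead` and `doPatch` become `protected` here, but unlike `doGet`, `doPost` and `doDelete` no `KeycloakSession` overload for them appears in this hunk, so code outside the class hierarchy may be left with no way to build those requests. If no such overloads exist elsewhere in the file, add them in the same shape as `doGet`, for example `public static SimpleHttp doPut(String url, KeycloakSession session)`, which resolves `HttpClientProvider` and passes `provider.getMaxConsumedResponseSize()`. That keeps the size limit mandatory without dropping verbs from the public API. The class body continues past the end of this hunk.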
@@ -178,6 +185,11 @@ public SimpleHttp connectionRequestTimeoutMillis(int timeout) {
return this;
}
+ public SimpleHttp setMaxConsumedResponseSize(long maxConsumedResponseSize) {
+ this.maxConsumedResponseSize = maxConsumedResponseSize;
+ return this;
+ }
+
public SimpleHttp auth(String token) {
header("Authorization", "Bearer " + token);
return this;
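Review bot: `setMaxConsumedResponseSize` accepts any `long` and has no Javadoc, so a caller can pass a negative value (every read then fails, because `bytesConsumed > maxBytesToConsume` in `SafeInputStream` is true from the first call) or `Long.MAX_VALUE` (the guard never trips). Document the unit and the override semantics, `/** Overrides the provider-configured limit, in bytes, for this request. */`, and reject negative input with `if (maxConsumedResponseSize < 0) throw new IllegalArgumentException("maxConsumedResponseSize must not be negative");`. The same unchecked value also enters through the `SimpleHttp` constructor and through `config.getLong(MAX_CONSUMED_RESPONSE_SIZE, ...)` in `DefaultHttpClientFactory.postInit`.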
@@ -296,7 +308,7 @@ private Response makeRequest() throws IOException {
httpRequest.setConfig(requestConfigBuilder.build());
}
- return new Response(client.execute(httpRequest));
+ return new Response(client.execute(httpRequest), maxConsumedResponseSize);
}
private RequestConfig.Builder requestConfigBuilder() {
@@ -341,12 +353,14 @@ private UrlEncodedFormEntity getFormEntityFromParameter() throws IOException{
public static class Response implements AutoCloseable {
private final HttpResponse response;
+ private final long maxConsumedResponseSize;
private int statusCode = -1;
private String responseString;
private ContentType contentType;
- public Response(HttpResponse response) {
+ public Response(HttpResponse response, long maxConsumedResponseSize) {
this.response = response;
+ this.maxConsumedResponseSize = maxConsumedResponseSize;
}
private void readResponse() throws IOException {
@@ -368,6 +382,8 @@ private void readResponse() throws IOException {
}
}
+ is = new SafeInputStream(is, maxConsumedResponseSize);
+
try (InputStreamReader reader = charset == null ? new InputStreamReader(is, StandardCharsets.UTF_8) :
new InputStreamReader(is, charset)) {
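Review bot: Nothing at the new `is = new SafeInputStream(...)` line says why the wrapper is applied here rather than where `is` is first obtained. The start of `readResponse` is outside this hunk; if the lines above decode or decompress the stream, the cap only bounds memory because it wraps the decoded stream, and a later reordering would silently weaken it. A one-line comment would protect that ordering: `// Wrap last so the limit counts bytes as they are consumed, after any content decoding above`.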
diff --git a/server-spi-private/src/main/java/org/keycloak/connections/httpclient/HttpClientProvider.java b/server-spi-private/src/main/java/org/keycloak/connections/httpclient/HttpClientProvider.java
index 34f9a05e66bb..c0169c776aff 100755
--- a/server-spi-private/src/main/java/org/keycloak/connections/httpclient/HttpClientProvider.java
+++ b/server-spi-private/src/main/java/org/keycloak/connections/httpclient/HttpClientProvider.java
@@ -54,6 +54,8 @@ public interface HttpClientProvider extends Provider {
* Helper method to retrieve the contents of a URL as a String.
* Decoding response with the correct character set is performed according to the headers returned in the server's response.
* To retrieve binary data, use {@link #getInputStream(String)}
+ *
+ * Implementations should limit the amount of data returned to avoid an {@link OutOfMemoryError}.
*
* @param uri URI with data to receive.
* @return Body of the response as a String.
@@ -90,4 +92,15 @@ default InputStream get(String uri) throws IOException {
return getInputStream(uri);
}
+ long DEFAULT_MAX_CONSUMED_RESPONSE_SIZE = 10_000_000L;
+
+ /**
+ * Get the configured limit for the response size.
+ *
+ * @return number of bytes
+ */
+ default long getMaxConsumedResponseSize() {
+ return DEFAULT_MAX_CONSUMED_RESPONSE_SIZE;
+ }
+
}
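Review bot: The Javadoc on `getMaxConsumedResponseSize()` does not say which reads the limit governs. In the visible hunks it is applied where a body is turned into a String (`SimpleHttp.Response` and the string response handler), while `getInputStream` appears to return the stream unwrapped. Implementers and callers should be told this, for example `Maximum number of bytes consumed when a response body is read into memory as a String; streams returned by {@link #getInputStream(String)} are not limited and must be bounded by the caller.` Custom providers that do not override this method report the 10 MB default whether or not their own `getString` enforces it, which is also worth stating.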
diff --git a/server-spi-private/src/main/java/org/keycloak/connections/httpclient/SafeInputStream.java b/server-spi-private/src/main/java/org/keycloak/connections/httpclient/SafeInputStream.java
new file mode 100644
index 000000000000..f203b9634f8a
--- /dev/null
+++ b/server-spi-private/src/main/java/org/keycloak/connections/httpclient/SafeInputStream.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.connections.httpclient;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * Limit the amount of data read to prevent a {@link OutOfMemoryError}.
+ *
+ * @author Alexander Schwartz
+ */
+public class SafeInputStream extends InputStream {
+
+ private long bytesConsumed;
+ private final InputStream delegate;
+ private final long maxBytesToConsume;
+
+ public SafeInputStream(InputStream delegate, long maxBytesToConsume) {
+ this.delegate = delegate;
+ this.maxBytesToConsume = maxBytesToConsume;
+ }
+
+ @Override
+ public int read(byte[] b, int off, int len) throws IOException {
+ int sizeRead = delegate.read(b, off, len);
+ if (sizeRead > 0) {
+ bytesConsumed += sizeRead;
+ }
+ checkConsumedBytes();
+ return sizeRead;
+ }
+
+ private void checkConsumedBytes() throws IOException {
+ if (bytesConsumed > maxBytesToConsume) {
+ throw new IOException(String.format("Response is at least %s bytes in size, with max bytes to be consumed being %d", bytesConsumed, maxBytesToConsume));
+ }
+ }
+
+ @Override
+ public int read() throws IOException {
+ int result = delegate.read();
+ if (result > 0) {
+ ++bytesConsumed;
+ }
+ checkConsumedBytes();
+ return result;
+ }
+
+ @Override
+ public void close() throws IOException {
+ delegate.close();
+ }
+}
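Review bot: In the single-byte `read()` the counter advances only when `result > 0`, so a byte whose value is 0 is handed to the caller without being counted. End of stream is signalled only by `-1`, so the condition should be `if (result >= 0) {`. As written, content made of zero bytes and read one byte at a time is never limited, whereas the array overload counts it correctly. A unit test that reads such bytes through `read()` against a small limit would pin the fix.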
diff --git a/server-spi-private/src/test/java/org/keycloak/broker/provider/util/SimpleHttpTest.java b/server-spi-private/src/test/java/org/keycloak/broker/provider/util/SimpleHttpTest.java
index 1058deb58224..6b5e6b3f31cf 100644
--- a/server-spi-private/src/test/java/org/keycloak/broker/provider/util/SimpleHttpTest.java
+++ b/server-spi-private/src/test/java/org/keycloak/broker/provider/util/SimpleHttpTest.java
@@ -4,8 +4,9 @@
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
+import org.apache.http.HttpStatus;
import org.apache.http.HttpVersion;
-import org.apache.http.client.ClientProtocolException;
+import org.apache.http.ProtocolVersion;
import org.apache.http.client.HttpClient;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpPost;
@@ -20,7 +21,9 @@
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameters;
+import org.keycloak.common.util.SecretGenerator;
import org.keycloak.common.util.StreamUtil;
+import org.keycloak.connections.httpclient.HttpClientProvider;
import java.io.IOException;
import java.net.URLEncoder;
@@ -29,8 +32,11 @@
import java.util.Arrays;
import java.util.Collection;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.startsWith;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertThrows;
import static org.junit.Assert.fail;
/**
@@ -64,7 +70,7 @@ public static Collection
* @author Stian Thorgersen
*/
public class DefaultHttpClientFactory implements HttpClientFactory {
@@ -73,13 +65,15 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
private static final String HTTPS_PROXY = "https_proxy";
private static final String HTTP_PROXY = "http_proxy";
private static final String NO_PROXY = "no_proxy";
+ public static final String MAX_CONSUMED_RESPONSE_SIZE = "max-consumed-response-size";
private volatile CloseableHttpClient httpClient;
private Config.Scope config;
- private final BasicResponseHandler stringResponseHandler = new BasicResponseHandler();
+ private BasicResponseHandler stringResponseHandler;
private final InputStreamResponseHandler inputStreamResponseHandler = new InputStreamResponseHandler();
+ private long maxConsumedResponseSize;
private static class InputStreamResponseHandler extends AbstractResponseHandler {
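Review bot: `stringResponseHandler` is no longer `final` and stays `null` until `postInit` assigns it, while the neighbouring `httpClient` field is `volatile`. Any use of the handler before `postInit` has run would now fail with a `NullPointerException`, and without `volatile` nothing in the visible lines guarantees that other threads see the assignment. Whether the provider lifecycle rules both out is not visible in this hunk. Declaring it `private volatile BasicResponseHandler stringResponseHandler;`, or building the handler where `config` is assigned, would restore the earlier guarantee.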
@@ -144,6 +138,11 @@ public InputStream getInputStream(String uri) throws IOException {
}
return body;
}
+
+ @Override
+ public long getMaxConsumedResponseSize() {
+ return maxConsumedResponseSize;
+ }
};
}
@@ -153,7 +152,7 @@ public void close() {
if (httpClient != null) {
httpClient.close();
}
- } catch (IOException e) {
+ } catch (IOException ignored) {
}
}
@@ -254,7 +253,8 @@ private void lazyInit(KeycloakSession session) {
@Override
public void postInit(KeycloakSessionFactory factory) {
-
+ maxConsumedResponseSize = config.getLong(MAX_CONSUMED_RESPONSE_SIZE, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
+ stringResponseHandler = new SafeBasicResponseHandler(maxConsumedResponseSize);
}
@Override
@@ -334,6 +334,12 @@ public List getConfigMetadata() {
.type("string")
.helpText("Denotes the combination of a regex based hostname pattern and a proxy-uri in the form of hostnamePattern;proxyUri.")
.add()
+ .property()
+ .name(MAX_CONSUMED_RESPONSE_SIZE)
+ .type("long")
+ .helpText("Maximum size of a response consumed by the client (to prevent denial of service)")
+ .defaultValue(HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE)
+ .add()
.build();
}
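Review bot: The help text for `MAX_CONSUMED_RESPONSE_SIZE` gives no unit, and the option is a bare `long`, so an operator could read the value as kilobytes or megabytes and set a limit far from the intended one. The Javadoc on `getMaxConsumedResponseSize()` says bytes, and the help text should too: `.helpText("Maximum size in bytes of a response consumed by the client (to prevent denial of service)")`.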
diff --git a/services/src/main/java/org/keycloak/connections/httpclient/SafeBasicResponseHandler.java b/services/src/main/java/org/keycloak/connections/httpclient/SafeBasicResponseHandler.java
new file mode 100644
index 000000000000..d8bdf60c934c
--- /dev/null
+++ b/services/src/main/java/org/keycloak/connections/httpclient/SafeBasicResponseHandler.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.connections.httpclient;
+
+import org.apache.http.HttpEntity;
+import org.apache.http.impl.client.BasicResponseHandler;
+
+import java.io.IOException;
+
+/**
+ * Limit the amount of data read to prevent a {@link OutOfMemoryError}.
+ *
+ * @author Alexander Schwartz
+ */
+class SafeBasicResponseHandler extends BasicResponseHandler {
+ private final long maxConsumedResponseSize;
+
+ SafeBasicResponseHandler(long maxConsumedResponseSize) {
+ this.maxConsumedResponseSize = maxConsumedResponseSize;
+ }
+
+ @Override
+ public String handleEntity(HttpEntity entity) throws IOException {
+ return super.handleEntity(new SafeHttpEntity(entity, maxConsumedResponseSize));
+ }
+}
diff --git a/services/src/main/java/org/keycloak/connections/httpclient/SafeHttpEntity.java b/services/src/main/java/org/keycloak/connections/httpclient/SafeHttpEntity.java
new file mode 100644
index 000000000000..1d1023d29877
--- /dev/null
+++ b/services/src/main/java/org/keycloak/connections/httpclient/SafeHttpEntity.java
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.connections.httpclient;
+
+import org.apache.http.Header;
+import org.apache.http.HttpEntity;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+/**
+ * Limit the amount of data read to prevent a {@link OutOfMemoryError}.
+ *
+ * @author Alexander Schwartz
+ */
+class SafeHttpEntity implements HttpEntity {
+
+ private final HttpEntity delegate;
+ private final long maxConsumedResponseSize;
+
+ SafeHttpEntity(HttpEntity delegate, long maxConsumedResponseSize) {
+ this.delegate = delegate;
+ this.maxConsumedResponseSize = maxConsumedResponseSize;
+ }
+
+ @Override
+ public boolean isRepeatable() {
+ return delegate.isRepeatable();
+ }
+
+ @Override
+ public boolean isChunked() {
+ return delegate.isChunked();
+ }
+
+ @Override
+ public long getContentLength() {
+ return delegate.getContentLength();
+ }
+
+ @Override
+ public Header getContentType() {
+ return delegate.getContentType();
+ }
+
+ @Override
+ public Header getContentEncoding() {
+ return delegate.getContentEncoding();
+ }
+
+ @Override
+ public InputStream getContent() throws IOException, UnsupportedOperationException {
+ return new SafeInputStream(delegate.getContent(), maxConsumedResponseSize);
+ }
+
+ @Override
+ public void writeTo(OutputStream outputStream) throws IOException {
+ delegate.writeTo(outputStream);
+ }
+
+ @Override
+ public boolean isStreaming() {
+ return delegate.isStreaming();
+ }
+
+ @Override
+ @Deprecated
+ public void consumeContent() throws IOException {
+ delegate.consumeContent();
+ }
+
+}
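Review bot: `getContentLength()` passes the server-declared length through unchanged, so a consumer that sizes its buffer from it allocates before `SafeInputStream` has counted a single byte. `BasicResponseHandler.handleEntity` presumably goes through `EntityUtils.toString`, which in HttpCore 4.x pre-sizes its buffer from the entity's content length; this should be confirmed against the version in use. Failing fast in `getContent()` closes that gap: `if (delegate.getContentLength() > maxConsumedResponseSize) throw new IOException("Declared response size exceeds the configured limit");`. `writeTo` also delegates without any cap and deserves at least a comment saying so.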
diff --git a/services/src/test/java/org/keycloak/connections/httpclient/SafeBasicResponseHandlerTest.java b/services/src/test/java/org/keycloak/connections/httpclient/SafeBasicResponseHandlerTest.java
new file mode 100644
index 000000000000..f006d1e9fa09
--- /dev/null
+++ b/services/src/test/java/org/keycloak/connections/httpclient/SafeBasicResponseHandlerTest.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.connections.httpclient;
+
+import org.apache.http.HttpEntity;
+import org.apache.http.entity.StringEntity;
+import org.hamcrest.MatcherAssert;
+import org.hamcrest.Matchers;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+import java.util.concurrent.atomic.AtomicBoolean;
+
+/**
+ * @author Alexander Schwartz
+ */
+public class SafeBasicResponseHandlerTest {
+
+ @Test
+ public void shouldThrowExceptionForLongResponses() throws UnsupportedEncodingException {
+ // arrange
+ AtomicBoolean inputStreamHasBeenClosed = new AtomicBoolean(false);
+ HttpEntity entity = new StringEntity("1234567890") {
+ @Override
+ public InputStream getContent() throws IOException {
+ InputStream delegate = super.getContent();
+ return new InputStream() {
+ @Override
+ public int read() throws IOException {
+ return delegate.read();
+ }
+
+ @Override
+ public void close() throws IOException {
+ super.close();
+ inputStreamHasBeenClosed.set(true);
+ }
+ };
+ }
+ };
+
+ // act
+ IOException exception = Assert.assertThrows(IOException.class, () -> new SafeBasicResponseHandler(5).handleEntity(entity));
+
+ // assert
+ MatcherAssert.assertThat("Too long response should throw an exception", exception.getMessage(), Matchers.startsWith("Response is at least"));
+ MatcherAssert.assertThat("Stream should have been closed", inputStreamHasBeenClosed.get(), Matchers.is(true));
+ }
+
+}
\ No newline at end of file
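Review bot: Only the over-limit path is covered here, so nothing pins the boundary, and a change from `>` to `>=` in the size check would go unnoticed. Add a case where the body length equals the limit and the full string is returned, for example `assertEquals("1234567890", new SafeBasicResponseHandler(10).handleEntity(new StringEntity("1234567890")));`. The anonymous stream overrides only `read()`, so the test reaches `SafeInputStream.read(byte[], int, int)` but never its single-byte `read()`, which needs its own test.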
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/broker/util/SimpleHttpDefault.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/broker/util/SimpleHttpDefault.java
new file mode 100644
index 000000000000..dc14ad579e98
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/broker/util/SimpleHttpDefault.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2024 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.broker.util;
+
+import org.apache.http.client.HttpClient;
+import org.keycloak.broker.provider.util.SimpleHttp;
+import org.keycloak.connections.httpclient.HttpClientProvider;
+
+/**
+ * This class provides additional builders used in tests to create instances of SimpleHttpTest with a default length response size set.
+ *
+ * @author Alexander Schwartz
+ */
+public abstract class SimpleHttpDefault extends SimpleHttp {
+
+ protected SimpleHttpDefault(String url, String method, HttpClient client, long maxConsumedResponseSize) {
+ // dummy constructor, only needed to make the compiler happy
+ super(url, method, client, maxConsumedResponseSize);
+ }
+
+ public static SimpleHttp doDelete(String url, HttpClient client) {
+ return SimpleHttp.doDelete(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
+ }
+
+ public static SimpleHttp doPost(String url, HttpClient client) {
+ return SimpleHttp.doPost(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
+ }
+
+ public static SimpleHttp doPut(String url, HttpClient client) {
+ return SimpleHttp.doPut(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
+ }
+
+ public static SimpleHttp doGet(String url, HttpClient client) {
+ return SimpleHttp.doGet(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
+ }
+
+}
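Review bot: The class Javadoc says the builders create instances of `SimpleHttpTest`, but every factory here returns `SimpleHttp`. It should read `create instances of SimpleHttp with the default maximum response size set`. The helper also covers only DELETE, POST, PUT and GET, so tests have no equivalent for the `doHead` and `doPatch` factories that became `protected` in `SimpleHttp`.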
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java
index 501cd2414f9e..4fcd2b07f95e 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java
@@ -72,6 +72,7 @@
import org.keycloak.representations.UserInfo;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.managers.AuthenticationManager;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.runonserver.RunOnServerException;
import org.keycloak.util.BasicAuthHelper;
import org.keycloak.util.JsonSerialization;
@@ -1127,7 +1128,7 @@ public AccessTokenResponse doDeviceTokenRequest(String clientId, String clientSe
public OIDCConfigurationRepresentation doWellKnownRequest(String realm) {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- SimpleHttp request = SimpleHttp.doGet(baseUrl + "/realms/" + realm + "/.well-known/openid-configuration",
+ SimpleHttp request = SimpleHttpDefault.doGet(baseUrl + "/realms/" + realm + "/.well-known/openid-configuration",
client);
if (requestHeaders != null) {
for (Map.Entry entry : requestHeaders.entrySet()) {
@@ -2196,7 +2197,7 @@ private KeyWrapper getRealmPublicKey(String realm, String algorithm, String kid)
private JSONWebKeySet getRealmKeys(String realm) {
String certUrl = baseUrl + "/realms/" + realm + "/protocol/openid-connect/certs";
try (CloseableHttpClient client = httpClient.get()){
- return SimpleHttp.doGet(certUrl, client).asJson(JSONWebKeySet.class);
+ return SimpleHttpDefault.doGet(certUrl, client).asJson(JSONWebKeySet.class);
} catch (IOException e) {
throw new RuntimeException("Failed to retrieve keys", e);
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AbstractRestServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AbstractRestServiceTest.java
index d1850acdfd9c..4de16d31f87b 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AbstractRestServiceTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AbstractRestServiceTest.java
@@ -38,6 +38,7 @@
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder;
@@ -139,7 +140,7 @@ public void testFeatureDoesntWorkWhenDisabled() {
// Check if the feature really works
private void checkIfFeatureWorks(boolean shouldWorks) {
try {
- List sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
+ List sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
.asJson(new TypeReference>() {
});
assertEquals(1, sessions.size());
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceReadOnlyAttributesTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceReadOnlyAttributesTest.java
index d0e8dc6d53ea..2a0c3030c04a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceReadOnlyAttributesTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceReadOnlyAttributesTest.java
@@ -40,6 +40,7 @@
import org.keycloak.representations.userprofile.config.UPConfig;
import org.keycloak.services.messages.Messages;
import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.userprofile.UserProfileConstants;
import static org.hamcrest.Matchers.contains;
@@ -149,7 +150,7 @@ private void testAccountUpdateAttributeExpectFailure(String attrName) throws IOE
private void testAccountUpdateAttributeExpectFailure(String attrName, boolean deniedForAdminAsWell) throws IOException {
// Attribute not yet supposed to be on the user
- UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertThat(Optional.ofNullable(user.getAttributes()).orElse(Map.of()).keySet(), not(contains(attrName)));
// Assert not possible to add the attribute to the user
@@ -175,7 +176,7 @@ private void testAccountUpdateAttributeExpectFailure(String attrName, boolean de
}
// Update attribute of the user with account REST to the same value (Case when we are updating existing attribute) - should be fine as our attribute is not changed
- user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
Assert.assertEquals("foo", user.getAttributes().get(attrName).get(0));
user.singleAttribute("someOtherAttr", "foo");
user = updateAndGet(user);
@@ -198,7 +199,7 @@ private void testAccountUpdateAttributeExpectFailure(String attrName, boolean de
private void testAccountUpdateAttributeExpectSuccess(String attrName) throws IOException {
// Attribute not yet supposed to be on the user
- UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertThat(Optional.ofNullable(user.getAttributes()).orElse(Map.of()).keySet(), not(contains(attrName)));
// Assert not possible to add the attribute to the user
@@ -206,7 +207,7 @@ private void testAccountUpdateAttributeExpectSuccess(String attrName) throws IOE
user = updateAndGet(user);
// Update attribute of the user with account REST to the same value (Case when we are updating existing attribute) - should be fine as our attribute is not changed
- user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
Assert.assertEquals("foo", user.getAttributes().get(attrName).get(0));
user.singleAttribute("someOtherAttr", "foo");
user = updateAndGet(user);
@@ -226,18 +227,18 @@ private void testAccountUpdateAttributeExpectSuccess(String attrName) throws IOE
}
private UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
- int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
+ int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
assertEquals(204, status);
return get();
}
private UserRepresentation get() throws IOException {
- return SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ return SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
}
private void updateError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
assertEquals(expectedStatus, response.getStatus());
assertEquals(expectedMessage, response.asJson(ErrorRepresentation.class).getErrorMessage());
}
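Review bot: The `SimpleHttp.Response` obtained in `updateError` is never closed: the migrated line calls `asResponse()`, the method reads the status and the JSON body, and then returns without releasing it. The type is closeable (the `testCredentialsGetWithDisabledOtpRequiredAction` hunk in AccountRestServiceTest.java already wraps it in try-with-resources), so this could read `try (SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse()) { ... }` with the two assertions inside the block. The same pattern recurs in the AccountRestServiceTest.java hunks that assign or discard the result of `asResponse()`, for example `testUpdateSingleField` and the consent cleanup `doDelete` calls. Because those tests share one `httpClient`, unreleased responses may keep pooled connections checked out, though that is inferred rather than visible in this hunk.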
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java
index d5ba7b1ad639..abf838881e9a 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java
@@ -69,6 +69,7 @@
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.VerifyProfileTest;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.TokenUtil;
@@ -297,7 +298,7 @@ public void testUpdateSingleField() throws IOException {
user.setFirstName(originalFirstName);
user.setLastName(originalLastName);
user.setEmail(originalEmail);
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@@ -345,7 +346,7 @@ public void testUpdateProfileEmailChangeSetsEmailVerified() throws IOException {
adminClient.realm("test").update(realmRep);
user.setEmail(originalEmail);
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@@ -405,7 +406,7 @@ public void testUpdateProfileEvent() throws IOException {
user.setFirstName(originalFirstName);
user.setLastName(originalLastName);
user.setEmail(originalEmail);
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@@ -512,7 +513,7 @@ public void testUpdateProfile() throws IOException {
user.setFirstName(originalFirstName);
user.setLastName(originalLastName);
user.setEmail(originalEmail);
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@@ -562,7 +563,7 @@ public void testUpdateProfileCannotChangeThroughAttributes() throws IOException
user.setUsername(originalUsername);
user.setAttributes(originalAttributes);
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@@ -586,7 +587,7 @@ public void testUpdateProfileWithRegistrationEmailAsUsername() throws IOExceptio
assertEquals("Homer1", user.getFirstName());
} finally {
user.setFirstName(originalFirstname);
- int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
+ int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
assertEquals(204, status);
}
}
@@ -601,7 +602,7 @@ protected UserRepresentation getUser(boolean fetchMetadata) throws IOException {
}
protected static UserRepresentation getUser(String accountUrl, CloseableHttpClient httpClient, TokenUtil tokenUtil) throws IOException {
- SimpleHttp a = SimpleHttp.doGet(accountUrl, httpClient).auth(tokenUtil.getToken());
+ SimpleHttp a = SimpleHttpDefault.doGet(accountUrl, httpClient).auth(tokenUtil.getToken());
try {
return a.asJson(UserRepresentation.class);
@@ -612,7 +613,7 @@ protected static UserRepresentation getUser(String accountUrl, CloseableHttpClie
}
protected UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
- SimpleHttp a = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
+ SimpleHttp a = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
try {
assertEquals(204, a.asStatus());
} catch (AssertionError e) {
@@ -624,7 +625,7 @@ protected UserRepresentation updateAndGet(UserRepresentation user) throws IOExce
protected void updateError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
assertEquals(expectedStatus, response.getStatus());
ErrorRepresentation errorRep = response.asJson(ErrorRepresentation.class);
List errors = errorRep.getErrors();
@@ -643,23 +644,23 @@ public void testProfilePermissions() throws IOException {
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
// Read with no access
- assertEquals(403, SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus());
+ assertEquals(403, SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus());
// Update with no access
- assertEquals(403, SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(noaccessToken.getToken()).json(new UserRepresentation()).asStatus());
+ assertEquals(403, SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(noaccessToken.getToken()).json(new UserRepresentation()).asStatus());
// Update with read only
- assertEquals(403, SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(viewToken.getToken()).json(new UserRepresentation()).asStatus());
+ assertEquals(403, SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(viewToken.getToken()).json(new UserRepresentation()).asStatus());
}
@Test
public void testUpdateProfilePermissions() throws IOException {
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
- int status = SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus();
+ int status = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus();
assertEquals(403, status);
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
- status = SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(viewToken.getToken()).asStatus();
+ status = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(viewToken.getToken()).asStatus();
assertEquals(200, status);
}
@@ -739,7 +740,7 @@ public void testCredentialsGet() throws IOException {
assertExpectedCredentialTypes(credentials, PasswordCredentialModel.TYPE, OTPCredentialModel.TYPE);
// Test password-only
- credentials = SimpleHttp.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password"), httpClient)
+ credentials = SimpleHttpDefault.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference>() {});
Assert.assertEquals(1, credentials.size());
password = credentials.get(0);
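Review bot: The query string in `testCredentialsGet` is assembled by string concatenation inside `getAccountUrl(...)`, which bypasses whatever URL encoding the request builder would apply; `listApplicationsFiltered` in this same file already passes its filter through `.param("name", "In Use")`. Consider `SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient).param(AccountCredentialResource.TYPE, "password")` here, and the equivalent pair of `.param(...)` calls for the two-parameter request in the following hunk. The values are constants, so this is a consistency point rather than a defect, and it assumes `getAccountUrl` does not need the query to be part of the path argument. The test method starts and ends outside the hunk.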
@@ -747,8 +748,8 @@ public void testCredentialsGet() throws IOException {
Assert.assertEquals(1, password.getUserCredentialMetadatas().size());
// Test password-only and user-credentials
- credentials = SimpleHttp.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password&" +
- AccountCredentialResource.USER_CREDENTIALS + "=false"), httpClient)
+ credentials = SimpleHttpDefault.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password&" +
+ AccountCredentialResource.USER_CREDENTIALS + "=false"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference>() {});
Assert.assertEquals(1, credentials.size());
password = credentials.get(0);
@@ -767,7 +768,7 @@ public void testCRUDCredentialOfDifferentUser() throws IOException {
.get();
// Test that current user can't update the credential, which belongs to the different user
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doPut(getAccountUrl("credentials/" + otpCredential.getId() + "/label"), httpClient)
.auth(tokenUtil.getToken())
.json("new-label")
@@ -775,7 +776,7 @@ public void testCRUDCredentialOfDifferentUser() throws IOException {
assertEquals(404, response.getStatus());
// Test that current user can't delete the credential, which belongs to the different user
- response = SimpleHttp
+ response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + otpCredential.getId()), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@@ -846,7 +847,7 @@ public void testRemoveCredentialWithOtpCredentialTriggeringEvent() throws IOExce
.filter(credentialRep -> OTPCredentialModel.TYPE.equals(credentialRep.getType()))
.findFirst()
.get();
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + otpCredential.getId()), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@@ -865,7 +866,7 @@ public void testRemoveCredentialWithOtpCredentialTriggeringEvent() throws IOExce
// Send REST request to get all credential containers and credentials of current user
private List getCredentials() throws IOException {
- return SimpleHttp.doGet(getAccountUrl("credentials"), httpClient)
+ return SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference>() {});
}
@@ -944,7 +945,7 @@ public void testCredentialsGetWithDisabledOtpRequiredAction() throws IOException
String otpCredentialId = otpCredential.getUserCredentialMetadatas().get(0).getCredential().getId();
// remove credential using account console as otp is removable
- try (SimpleHttp.Response response = SimpleHttp
+ try (SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + otpCredentialId), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@@ -982,7 +983,7 @@ public void testCredentialsForUserWithoutPassword() throws IOException {
assertCredentialContainerExpected(password, PasswordCredentialModel.TYPE, CredentialTypeMetadata.Category.BASIC_AUTHENTICATION.toString(),
"password-display-name", "password-help-text", "kcAuthenticatorPasswordClass",
null, UserModel.RequiredAction.UPDATE_PASSWORD.toString(), false, 1);
- try (SimpleHttp.Response response = SimpleHttp
+ try (SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + password.getUserCredentialMetadatas().get(0).getCredential().getId()), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@@ -1070,11 +1071,11 @@ private void assertCredentialContainerExpected(AccountCredentialResource.Credent
public void testDeleteSessions() throws IOException {
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
oauth.doLogin("view-account-access", "password");
- List sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference>() {});
+ List sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference>() {});
assertEquals(2, sessions.size());
- int status = SimpleHttp.doDelete(getAccountUrl("sessions?current=false"), httpClient).acceptJson().auth(viewToken.getToken()).asStatus();
+ int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions?current=false"), httpClient).acceptJson().auth(viewToken.getToken()).asStatus();
assertEquals(200, status);
- sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference>() {});
+ sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference>() {});
assertEquals(1, sessions.size());
}
@@ -1085,7 +1086,7 @@ public void listApplications() throws Exception {
assertNull(tokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
- List applications = SimpleHttp
+ List applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@@ -1108,7 +1109,7 @@ public void listApplicationsFiltered() throws Exception {
assertNull(tokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
- List applications = SimpleHttp
+ List applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.param("name", "In Use")
@@ -1135,7 +1136,7 @@ public void listApplicationsOfflineAccess() throws Exception {
assertNull(offlineTokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
- List applications = SimpleHttp
+ List applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@@ -1172,14 +1173,14 @@ public void listApplicationsThirdParty(String clientScopeName, boolean expectCon
ConsentRepresentation requestedConsent = new ConsentRepresentation();
requestedConsent.setGrantedScopes(Collections.singletonList(consentScopeRepresentation));
- SimpleHttp
+ SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
.auth(token.getToken())
.asJson(ConsentRepresentation.class);
- List applications = SimpleHttp
+ List applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@@ -1187,7 +1188,7 @@ public void listApplicationsThirdParty(String clientScopeName, boolean expectCon
});
assertFalse(applications.isEmpty());
- SimpleHttp
+ SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@@ -1217,7 +1218,7 @@ public void listApplicationsWithRootUrl() throws Exception {
assertNull(tokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
- List applications = SimpleHttp
+ List applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@@ -1246,7 +1247,7 @@ private void assertClientRep(ClientRepresentation clientRep, String name, String
@Test
public void listApplicationsWithoutPermission() throws IOException {
TokenUtil token = new TokenUtil("no-account-access", "password");
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@@ -1258,7 +1259,7 @@ public void listApplicationsWithoutPermission() throws IOException {
public void getNotExistingApplication() throws IOException {
TokenUtil token = new TokenUtil("view-applications-access", "password");
String appId = "not-existing";
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@@ -1283,7 +1284,7 @@ public void createConsentForClient() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,2);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation = SimpleHttp
+ ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1304,7 +1305,7 @@ public void createConsentForClient() throws IOException {
events.assertEmpty();
//cleanup
- SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
+ SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@@ -1317,7 +1318,7 @@ public void updateConsentForClient() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation = SimpleHttp
+ ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1331,7 +1332,7 @@ public void updateConsentForClient() throws IOException {
requestedScopes = testRealm().clientScopes().findAll().subList(1,2);
requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation2 = SimpleHttp
+ ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1354,7 +1355,7 @@ public void updateConsentForClient() throws IOException {
events.assertEmpty();
//Cleanup
- SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
+ SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@@ -1368,7 +1369,7 @@ public void createConsentForNotExistingClient() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1386,7 +1387,7 @@ public void createConsentForClientWithoutPermission() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1404,7 +1405,7 @@ public void createConsentForClientWithPut() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation = SimpleHttp
+ ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1424,7 +1425,7 @@ public void createConsentForClientWithPut() throws IOException {
events.assertEmpty();
//Cleanup
- SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
+ SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@@ -1438,7 +1439,7 @@ public void updateConsentForClientWithPut() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation = SimpleHttp
+ ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1452,7 +1453,7 @@ public void updateConsentForClientWithPut() throws IOException {
requestedScopes = testRealm().clientScopes().findAll().subList(1,2);
requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation2 = SimpleHttp
+ ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1475,7 +1476,7 @@ public void updateConsentForClientWithPut() throws IOException {
events.assertEmpty();
//Cleanup
- SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
+ SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@@ -1489,7 +1490,7 @@ public void createConsentForNotExistingClientWithPut() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1507,7 +1508,7 @@ public void createConsentForClientWithoutPermissionWithPut() throws IOException
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1525,7 +1526,7 @@ public void getConsentForClient() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation1 = SimpleHttp
+ ConsentRepresentation consentRepresentation1 = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1536,7 +1537,7 @@ public void getConsentForClient() throws IOException {
assertEquals(1, consentRepresentation1.getGrantedScopes().size());
assertEquals(requestedScopes.get(0).getId(), consentRepresentation1.getGrantedScopes().get(0).getId());
- ConsentRepresentation consentRepresentation2 = SimpleHttp
+ ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1550,7 +1551,7 @@ public void getConsentForClient() throws IOException {
public void getConsentForNotExistingClient() throws IOException {
tokenUtil = new TokenUtil("view-consent-access", "password");
String appId = "not-existing";
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1562,7 +1563,7 @@ public void getConsentForNotExistingClient() throws IOException {
public void getNotExistingConsentForClient() throws IOException {
tokenUtil = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1574,7 +1575,7 @@ public void getNotExistingConsentForClient() throws IOException {
public void getConsentWithoutPermission() throws IOException {
tokenUtil = new TokenUtil("no-account-access", "password");
String appId = "security-admin-console";
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1590,7 +1591,7 @@ public void deleteConsentForClient() throws IOException {
List requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
- ConsentRepresentation consentRepresentation = SimpleHttp
+ ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@@ -1601,7 +1602,7 @@ public void deleteConsentForClient() throws IOException {
assertEquals(1, consentRepresentation.getGrantedScopes().size());
assertEquals(requestedScopes.get(0).getId(), consentRepresentation.getGrantedScopes().get(0).getId());
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1616,7 +1617,7 @@ public void deleteConsentForClient() throws IOException {
.assertEvent();
events.assertEmpty();
- response = SimpleHttp
+ response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1628,7 +1629,7 @@ public void deleteConsentForClient() throws IOException {
public void deleteConsentForNotExistingClient() throws IOException {
tokenUtil = new TokenUtil("manage-consent-access", "password");
String appId = "not-existing";
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1640,7 +1641,7 @@ public void deleteConsentForNotExistingClient() throws IOException {
public void deleteConsentWithoutPermission() throws IOException {
tokenUtil = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1658,14 +1659,14 @@ public void revokeOfflineAccess() throws Exception {
tokenUtil = new TokenUtil("view-applications-access", "password");
- SimpleHttp.Response response = SimpleHttp
+ SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/offline-client/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
assertEquals(204, response.getStatus());
- List applications = SimpleHttp
+ List applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@@ -1692,7 +1693,7 @@ public void testApiVersion() throws IOException {
public void testInvalidApiVersion() throws IOException {
apiVersion = "v2-foo";
- SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl("credentials"), httpClient).auth(tokenUtil.getToken()).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient).auth(tokenUtil.getToken()).asResponse();
assertEquals("API version not found", response.asJson().get("error").textValue());
assertEquals(404, response.getStatus());
}
@@ -1703,7 +1704,7 @@ public void testAudience() throws Exception {
OAuthClient.AccessTokenResponse tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
assertNull(tokenResponse.getErrorDescription());
- SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
+ SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.auth(tokenResponse.getAccessToken())
.header("Accept", "application/json")
.asResponse();
@@ -1719,7 +1720,7 @@ public void testAudience() throws Exception {
tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
assertNull(tokenResponse.getErrorDescription());
- response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
+ response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.auth(tokenResponse.getAccessToken())
.header("Accept", "application/json")
.asResponse();
@@ -1731,7 +1732,7 @@ public void testAudience() throws Exception {
tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
assertNull(tokenResponse.getErrorDescription());
- response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
+ response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.auth(tokenResponse.getAccessToken())
.header("Accept", "application/json")
.asResponse();
@@ -1749,7 +1750,7 @@ public void testCustomAccountResourceTheme() throws Exception {
realmRep.setAccountTheme("custom-account-provider");
adminClient.realm("test").update(realmRep);
- SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
+ SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.header("Accept", "text/html")
.asResponse();
assertEquals(200, response.getStatus());
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java
index 8288b635f6e9..9f2a7be4eae1 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java
@@ -43,6 +43,7 @@
import org.keycloak.representations.idm.UserProfileMetadata;
import org.keycloak.representations.account.UserRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.VerifyProfileTest;
import org.keycloak.userprofile.UserProfileContext;
@@ -325,7 +326,7 @@ public void testUpdateProfileEventWithAdditionalAttributesAuditing() throws IOEx
user.setLastName(originalLastName);
user.setEmail(originalEmail);
user.setAttributes(originalAttributes);
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
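Review bot: The context line `System.out.println(response.asString());` directly after the changed request writes the response body to stdout on every run, which is leftover debugging output rather than a check. Dropping it, or folding the body into the assertion message as `assertEquals(response.asString(), 204, response.getStatus());`, would show the body only when the status is wrong. The enclosing test method starts outside this hunk.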
@@ -384,7 +385,7 @@ protected UserRepresentation getUser(boolean fetchMetadata) throws IOException {
}
protected UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
- SimpleHttp a = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
+ SimpleHttp a = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
try {
assertEquals(204, a.asStatus());
} catch (AssertionError e) {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/LinkedAccountsRestServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/LinkedAccountsRestServiceTest.java
index 471593299b38..717124f28add 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/LinkedAccountsRestServiceTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/LinkedAccountsRestServiceTest.java
@@ -27,6 +27,7 @@
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder;
@@ -133,7 +134,7 @@ private String getAccountUrl(String resource) {
}
private SortedSet linkedAccountsRep() throws IOException {
- return SimpleHttp.doGet(getAccountUrl("linked-accounts"), client).auth(tokenUtil.getToken()).asJson(new TypeReference>() {});
+ return SimpleHttpDefault.doGet(getAccountUrl("linked-accounts"), client).auth(tokenUtil.getToken()).asJson(new TypeReference>() {});
}
private LinkedAccountRepresentation findLinkedAccount(String providerAlias) throws IOException {
@@ -147,7 +148,7 @@ private LinkedAccountRepresentation findLinkedAccount(String providerAlias) thro
@Test
public void testBuildLinkedAccountUri() throws IOException {
- AccountLinkUriRepresentation rep = SimpleHttp.doGet(getAccountUrl("linked-accounts/github?redirectUri=phonyUri"), client)
+ AccountLinkUriRepresentation rep = SimpleHttpDefault.doGet(getAccountUrl("linked-accounts/github?redirectUri=phonyUri"), client)
.auth(tokenUtil.getToken())
.asJson(new TypeReference() {});
URI brokerUri = rep.getAccountLinkUri();
@@ -198,7 +199,7 @@ public void testGetLinkedAccounts() throws IOException {
@Test
public void testRemoveLinkedAccount() throws IOException {
assertTrue(findLinkedAccount("github").isConnected());
- SimpleHttp.doDelete(getAccountUrl("linked-accounts/github"), client).auth(tokenUtil.getToken()).acceptJson().asResponse();
+ SimpleHttpDefault.doDelete(getAccountUrl("linked-accounts/github"), client).auth(tokenUtil.getToken()).acceptJson().asResponse();
assertFalse(findLinkedAccount("github").isConnected());
}
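Review bot: In testRemoveLinkedAccount the result of `SimpleHttpDefault.doDelete(...).asResponse()` is discarded, so the status of the DELETE is never checked and a failure only surfaces indirectly through the following `isConnected()` assertion. Asserting it directly would pin the behaviour, e.g. `assertEquals(204, SimpleHttpDefault.doDelete(getAccountUrl("linked-accounts/github"), client).auth(tokenUtil.getToken()).acceptJson().asStatus());`, assuming 204 is the expected code as for the other deletes in this patch. The same pattern, `.json(...).asResponse();` with the result dropped, appears in the testGetPermissions and testApprovePermissionRequest hunks of ResourcesRestServiceTest.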
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/ResourcesRestServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/ResourcesRestServiceTest.java
index 0c7401b8986e..13eb8009938b 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/ResourcesRestServiceTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/ResourcesRestServiceTest.java
@@ -41,6 +41,7 @@
import org.keycloak.services.resources.account.resources.AbstractResourceService.Permission;
import org.keycloak.services.resources.account.resources.AbstractResourceService.Resource;
import org.keycloak.testsuite.ProfileAssume;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder;
@@ -350,7 +351,7 @@ public void testGetPermissions() throws Exception {
permissions.add(permission);
}
- SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
+ SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@@ -386,7 +387,7 @@ public void testShareResource() throws Exception {
permissions.add(new Permission(users.get(users.size() - 1), "Scope A", "Scope B", "Scope C", "Scope D"));
String resourceId = sharedResource.getId();
- SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
+ SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@@ -410,7 +411,7 @@ public void testShareResource() throws Exception {
public void failShareResourceInvalidPermissions() throws Exception {
List permissions = new ArrayList<>();
- SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(getMyResources().get(0).getId()) + "/permissions"), httpClient)
+ SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(getMyResources().get(0).getId()) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@@ -446,16 +447,16 @@ public void testEndpointPermissions() throws Exception {
// test read access
for (String url : Arrays.asList(resourcesUrl, sharedWithOthersUrl, sharedWithMeUrl, resourceUrl, permissionsUrl, requestsUrl)) {
assertEquals( "no-account-access GET " + url, 403,
- SimpleHttp.doGet(url, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).asStatus());
+ SimpleHttpDefault.doGet(url, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).asStatus());
assertEquals("view-account-access GET " + url,200,
- SimpleHttp.doGet(url, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).asStatus());
+ SimpleHttpDefault.doGet(url, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).asStatus());
}
// test write access
assertEquals( "no-account-access PUT " + permissionsUrl, 403,
- SimpleHttp.doPut(permissionsUrl, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
+ SimpleHttpDefault.doPut(permissionsUrl, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
assertEquals( "view-account-access PUT " + permissionsUrl, 403,
- SimpleHttp.doPut(permissionsUrl, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
+ SimpleHttpDefault.doPut(permissionsUrl, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
}
@Test
@@ -475,7 +476,7 @@ public void testRevokePermission() throws Exception {
permissions.add(new Permission(users.get(users.size() - 1), "Scope B", "Scope D"));
String resourceId = sharedResource.getId();
- SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
+ SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@@ -611,7 +612,7 @@ public void testApprovePermissionRequest() throws IOException {
}
}
- SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
+ SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(requests).asResponse();
@@ -706,7 +707,7 @@ private R doGet(String resource, String token, Class type) {
}
private SimpleHttp get(String resource, String token) {
- return SimpleHttp.doGet(getAccountUrl("resources" + resource), httpClient).auth(token);
+ return SimpleHttpDefault.doGet(getAccountUrl("resources" + resource), httpClient).auth(token);
}
private AuthzClient createAuthzClient(ClientRepresentation client) {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/SessionRestServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/SessionRestServiceTest.java
index 6cfbe9dc72e4..89ba95200806 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/SessionRestServiceTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/SessionRestServiceTest.java
@@ -38,6 +38,7 @@
import org.keycloak.representations.account.DeviceRepresentation;
import org.keycloak.representations.account.SessionRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.OAuthClient;
@@ -100,25 +101,25 @@ public void testProfilePreviewPermissions() throws IOException {
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
// Read sessions with no access
- assertEquals(403, SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
+ assertEquals(403, SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
.auth(noaccessToken.getToken()).asStatus());
// Delete all sessions with no access
- assertEquals(403, SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
+ assertEquals(403, SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
.auth(noaccessToken.getToken()).asStatus());
// Delete all sessions with read only
- assertEquals(403, SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
+ assertEquals(403, SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
.auth(viewToken.getToken()).asStatus());
// Delete single session with no access
assertEquals(403,
- SimpleHttp.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
+ SimpleHttpDefault.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
.auth(noaccessToken.getToken()).asStatus());
// Delete single session with read only
assertEquals(403,
- SimpleHttp.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
+ SimpleHttpDefault.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
.auth(viewToken.getToken()).asStatus());
}
@@ -310,14 +311,14 @@ public void testLogout() throws IOException {
assertEquals(2, sessions.size());
// With `ViewToken` you can only read
- int status = SimpleHttp.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson()
+ int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson()
.auth(viewToken.getToken()).asStatus();
assertEquals(403, status);
sessions = getSessions(viewToken.getToken());
assertEquals(2, sessions.size());
// Here you can delete the session
- status = SimpleHttp.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson().auth(tokenUtil.getToken())
+ status = SimpleHttpDefault.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson().auth(tokenUtil.getToken())
.asStatus();
assertEquals(204, status);
sessions = getSessions(tokenUtil.getToken());
@@ -333,18 +334,18 @@ public void testLogoutAll() throws IOException {
assertEquals(3, getSessions().size());
String currentToken = tokenResponse.getAccessToken();
- int status = SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient)
+ int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient)
.acceptJson()
.auth(currentToken).asStatus();
assertEquals(204, status);
assertEquals(1, getSessions(currentToken).size());
- status = SimpleHttp.doDelete(getAccountUrl("sessions?current=true"), httpClient)
+ status = SimpleHttpDefault.doDelete(getAccountUrl("sessions?current=true"), httpClient)
.acceptJson()
.auth(currentToken).asStatus();
assertEquals(204, status);
- status = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient)
+ status = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient)
.acceptJson()
.auth(currentToken).asStatus();
assertEquals(401, status);
@@ -406,7 +407,7 @@ public void testNonBrowserSession() throws Exception {
}
private List getSessions(String sessionOne) throws IOException {
- return SimpleHttp
+ return SimpleHttpDefault
.doGet(getAccountUrl("sessions"), httpClient).auth(sessionOne)
.asJson(new TypeReference>() {
});
@@ -425,7 +426,7 @@ private List getDevicesOtherThanOther(String token) throws
}
private List queryDevices(String token) throws IOException {
- return SimpleHttp
+ return SimpleHttpDefault
.doGet(getAccountUrl("sessions/devices"), httpClient).auth(token)
.asJson(new TypeReference>() {
});
@@ -446,7 +447,7 @@ private void joinSsoSession(String clientId) {
}
private List getSessions() throws IOException {
- return SimpleHttp
+ return SimpleHttpDefault
.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
.asJson(new TypeReference>() {
});
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleLandingPageTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleLandingPageTest.java
index bf3fe5c6df71..6d849c10ce60 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleLandingPageTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleLandingPageTest.java
@@ -9,6 +9,7 @@
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import java.io.IOException;
import java.util.HashMap;
@@ -41,7 +42,7 @@ public void addTestRealms(List testRealms) {
@Test
public void landingPage() throws IOException {
- String body = SimpleHttp.doGet(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/admin/master/console", client).asString();
+ String body = SimpleHttpDefault.doGet(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/admin/master/console", client).asString();
Map config = getConfig(body);
String authUrl = config.get("authUrl");
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsolePermissionsCalculatedTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsolePermissionsCalculatedTest.java
index 222489dbf5fa..8573bff7b64d 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsolePermissionsCalculatedTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsolePermissionsCalculatedTest.java
@@ -28,6 +28,7 @@
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.updaters.Creator;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.RealmBuilder;
@@ -71,7 +72,7 @@ public void changeRealmTokenAlgorithm() throws Exception {
String whoAmiUrl = suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/admin/master/console/whoami?currentRealm=master";
- JsonNode jsonNode = SimpleHttp.doGet(whoAmiUrl, client).auth(accessToken.getToken()).asJson();
+ JsonNode jsonNode = SimpleHttpDefault.doGet(whoAmiUrl, client).auth(accessToken.getToken()).asJson();
assertTrue("Permissions for " + Config.getAdminRealm() + " realm.", jsonNode.at("/realm_access/" + Config.getAdminRealm()).isArray());
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleWhoAmILocaleTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleWhoAmILocaleTest.java
index 0d9338b4dfcc..11597f578471 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleWhoAmILocaleTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleWhoAmILocaleTest.java
@@ -11,6 +11,7 @@
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
@@ -101,7 +102,7 @@ private String whoAmiUrl(String realmName) {
@Test
public void testLocaleRealmI18nDisabledUserWithoutLocale() throws Exception {
- JsonNode whoAmI = SimpleHttp
+ JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_OFF), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_OFF, USER_WITHOUT_LOCALE))
@@ -112,7 +113,7 @@ public void testLocaleRealmI18nDisabledUserWithoutLocale() throws Exception {
@Test
public void testLocaleRealmI18nDisabledUserWithLocale() throws Exception {
- JsonNode whoAmI = SimpleHttp
+ JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_OFF), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_OFF, USER_WITH_LOCALE))
@@ -123,7 +124,7 @@ public void testLocaleRealmI18nDisabledUserWithLocale() throws Exception {
@Test
public void testLocaleRealmI18nEnabledUserWithoutLocale() throws Exception {
- JsonNode whoAmI = SimpleHttp
+ JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
@@ -134,7 +135,7 @@ public void testLocaleRealmI18nEnabledUserWithoutLocale() throws Exception {
@Test
public void testLocaleRealmI18nEnabledUserWithLocale() throws Exception {
- JsonNode whoAmI = SimpleHttp
+ JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITH_LOCALE))
@@ -145,7 +146,7 @@ public void testLocaleRealmI18nEnabledUserWithLocale() throws Exception {
@Test
public void testLocaleRealmI18nEnabledAcceptLanguageHeader() throws Exception {
- JsonNode whoAmI = SimpleHttp
+ JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
@@ -157,7 +158,7 @@ public void testLocaleRealmI18nEnabledAcceptLanguageHeader() throws Exception {
@Test
public void testLocaleRealmI18nEnabledKeycloakLocaleCookie() throws Exception {
- JsonNode whoAmI = SimpleHttp
+ JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTest.java
index 7cf72ac02dfa..5da29ece0880 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTest.java
@@ -39,6 +39,7 @@
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.Assert;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
import org.keycloak.testsuite.util.AccountHelper;
import org.keycloak.testsuite.util.OAuthClient;
@@ -490,7 +491,7 @@ public void testIdPNotFound() {
assertThat(errorPage.getError(), is("Page not found"));
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- SimpleHttp.Response simple = SimpleHttp.doGet(LINK, client).asResponse();
+ SimpleHttp.Response simple = SimpleHttpDefault.doGet(LINK, client).asResponse();
assertThat(simple, notNullValue());
assertThat(simple.getStatus(), is(Response.Status.NOT_FOUND.getStatusCode()));
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTransientSessionsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTransientSessionsTest.java
index 389e63ee1ede..6f6f06d45c46 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTransientSessionsTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTransientSessionsTest.java
@@ -53,6 +53,7 @@
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.updaters.Creator;
import org.keycloak.testsuite.util.AccountHelper;
@@ -362,7 +363,7 @@ public void testIdPNotFound() {
assertThat(errorPage.getError(), is("Page not found"));
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- SimpleHttp.Response simple = SimpleHttp.doGet(LINK, client).asResponse();
+ SimpleHttp.Response simple = SimpleHttpDefault.doGet(LINK, client).asResponse();
assertThat(simple, notNullValue());
assertThat(simple.getStatus(), is(Response.Status.NOT_FOUND.getStatusCode()));
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/error/UncaughtErrorPageTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/error/UncaughtErrorPageTest.java
index 8c2a50757e50..a1f75c6823d9 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/error/UncaughtErrorPageTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/error/UncaughtErrorPageTest.java
@@ -21,6 +21,7 @@
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.util.JsonSerialization;
import org.keycloak.utils.MediaType;
@@ -166,7 +167,7 @@ public void uncaughtErrorHeaders() throws IOException {
URI uri = suiteContext.getAuthServerInfo().getUriBuilder().path("/auth/realms/master/testing/uncaught-error").build();
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- SimpleHttp.Response response = SimpleHttp.doGet(uri.toString(), client).header("Accept", MediaType.TEXT_HTML_UTF_8).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doGet(uri.toString(), client).header("Accept", MediaType.TEXT_HTML_UTF_8).asResponse();
for (BrowserSecurityHeaders header : BrowserSecurityHeaders.values()) {
String expectedValue = header.getDefaultValue();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java
index e66f0b408319..48298acc725f 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java
@@ -45,6 +45,7 @@
import org.keycloak.services.messages.Messages;
import org.keycloak.services.resources.account.AccountCredentialResource;
import org.keycloak.storage.ldap.idm.model.LDAPObject;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.VerifyProfileTest;
import org.keycloak.testsuite.util.LDAPRule;
import org.keycloak.testsuite.util.LDAPTestUtils;
@@ -248,11 +249,11 @@ public void testUpdateProfileSimple() throws IOException {
RealmModel appRealm = ctx.getRealm();
appRealm.setEditUsernameAllowed(false);
});
- UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
user.setEmail("john-alias@email.org");
- SimpleHttp.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
+ SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
- UserRepresentation usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertEquals("johnkeycloak", usernew.getUsername());
assertEquals("John", usernew.getFirstName());
assertEquals("Doe", usernew.getLastName());
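Review bot: The profile update in testUpdateProfileSimple, `SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();`, drops the returned status, so a rejected update is noticed only if a later assertion happens to depend on it. This file already has `updateProfileExpectSuccess(user)`, which asserts 204; calling it here would make the check explicit, if 204 is indeed what the update should return. The clean-up POST in the next hunk and the POST in testIgnoreReadOnlyAttributes have the same gap, as does `final int i = ...asStatus();` there, where `i` is not used in the visible lines. testUpdateProfileSimple starts and ends outside this hunk.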
@@ -261,7 +262,7 @@ public void testUpdateProfileSimple() throws IOException {
//clean up
usernew.setEmail("john@email.org");
- SimpleHttp.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
+ SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
}
@@ -272,11 +273,11 @@ public void testIgnoreReadOnlyAttributes() throws IOException {
RealmModel appRealm = ctx.getRealm();
appRealm.setEditUsernameAllowed(false);
});
- UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
user.setEmail("john-alias@email.org");
- SimpleHttp.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
+ SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
- UserRepresentation usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertEquals("johnkeycloak", usernew.getUsername());
assertEquals("John", usernew.getFirstName());
assertEquals("Doe", usernew.getLastName());
@@ -288,7 +289,7 @@ public void testIgnoreReadOnlyAttributes() throws IOException {
//clean up
usernew.setEmail("john@email.org");
- final int i = SimpleHttp.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
+ final int i = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
org.keycloak.representations.idm.UserRepresentation userRep = testRealm().users()
.search(usernew.getUsername()).get(0);
@@ -300,7 +301,7 @@ public void testIgnoreReadOnlyAttributes() throws IOException {
userRep.setAttributes(null);
testRealm().users().get(userRep.getId()).update(userRep);
- usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
// Metadata attributes still not present in account REST
Assert.assertNull(usernew.getAttributes());
@@ -317,23 +318,23 @@ private String getAccountUrl(String resource) {
}
private UserRepresentation getProfile() throws IOException {
- return SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
+ return SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
}
private void updateProfileExpectSuccess(UserRepresentation user) throws IOException {
- int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
+ int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
assertEquals(204, status);
}
private void updateProfileExpectError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
- SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
assertEquals(expectedStatus, response.getStatus());
assertEquals(expectedMessage, response.asJson(ErrorRepresentation.class).getErrorMessage());
}
// Send REST request to get all credential containers and credentials of current user
private List getCredentials() throws IOException {
- return SimpleHttp.doGet(getAccountUrl("credentials"), httpClient)
+ return SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference>() {});
}
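Review bot: In `updateProfileExpectError` the `SimpleHttp.Response` returned by `asResponse()` is never closed, so when the status assertion fails the body is never read and the connection on `httpClient` (which appears to be shared across the test class) may stay leased. If `SimpleHttp.Response` is `AutoCloseable` in this tree, which the hunk does not show, wrap the call: `try (SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse()) { ... }`. The two assertions stay unchanged inside the block.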
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java
index 4ccd2affb130..850ef3eaa6ed 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java
@@ -42,6 +42,7 @@
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.federation.BackwardsCompatibilityUserStorageFactory;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.LoginConfigTotpPage;
@@ -249,7 +250,7 @@ public void testOTPSetupAndRemoveThroughAccountMgmtAndLogin() throws URISyntaxEx
String otpCredentialId = otpCreds.get(0).getCredential().getId();
// Delete OTP credential from federated storage
- int deleteStatus = SimpleHttp.doDelete(accountCredentialsUrl + "/" + otpCredentialId, httpClient)
+ int deleteStatus = SimpleHttpDefault.doDelete(accountCredentialsUrl + "/" + otpCredentialId, httpClient)
.auth(accountToken).acceptJson().asStatus();
Assert.assertEquals(204, deleteStatus);
@@ -352,7 +353,7 @@ private void assertUserHasOTPCredentialInUserStorage(boolean expectedUserHasOTP)
}
private List getOtpCredentialFromAccountREST(String accountCredentialsUrl, CloseableHttpClient httpClient, TokenUtil tokenUtil) throws IOException {
- List credentials = SimpleHttp.doGet(accountCredentialsUrl, httpClient)
+ List credentials = SimpleHttpDefault.doGet(accountCredentialsUrl, httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference<>() {});
return credentials.stream()
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java
index f7f557f92f43..0aff7a62c296 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java
@@ -72,6 +72,7 @@
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.exportimport.ExportImportUtil;
import org.keycloak.testsuite.runonserver.RunHelpers;
import org.keycloak.testsuite.util.OAuthClient;
@@ -1118,7 +1119,7 @@ protected void testMigrationTo7_x(boolean supportedAuthzServices) {
protected void testResourceTag() {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
URI url = suiteContext.getAuthServerInfo().getUriBuilder().path("/auth").build();
- String response = SimpleHttp.doGet(url.toString(), client).asString();
+ String response = SimpleHttpDefault.doGet(url.toString(), client).asString();
Matcher m = Pattern.compile("resources/([^/]*)/common").matcher(response);
assertTrue(m.find());
assertTrue(m.group(1).matches("[a-zA-Z0-9_\\-.~]{5}"));
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
index 842b7b5f2f7a..b0730deb2e98 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
@@ -39,6 +39,7 @@
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.ClientBuilder;
@@ -301,10 +302,10 @@ public void testWithCustomScheme() throws IOException {
CloseableHttpClient client = HttpClients.custom().setDefaultRequestConfig(globalConfig).setDefaultCookieStore(cookieStore).build();
try {
- String loginPage = SimpleHttp.doGet(loginUrl, client).asString();
+ String loginPage = SimpleHttpDefault.doGet(loginUrl, client).asString();
String formAction = loginPage.split("action=\"")[1].split("\"")[0].replaceAll("&", "&");
- SimpleHttp.Response response = SimpleHttp.doPost(formAction, client).param("username", "test-user@localhost").param("password", "password").asResponse();
+ SimpleHttp.Response response = SimpleHttpDefault.doPost(formAction, client).param("username", "test-user@localhost").param("password", "password").asResponse();
response.getStatus();
assertThat(response.getFirstHeader("Location"), Matchers.startsWith("android-app://org.keycloak.examples.cordova/https/keycloak-cordova-example.github.io/login"));
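Review bot: The bare `response.getStatus();` in `testWithCustomScheme` discards its result, so the test only checks the `Location` prefix and never confirms that the login POST was answered with a redirect. Asserting the status makes the custom-scheme redirect check stricter, e.g. `assertThat(response.getStatus(), Matchers.is(302));`, assuming 302 is the status this flow returns. The `try` block opened in this hunk continues outside it, so closing of `response` and `client` cannot be judged from here.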
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/TokenRevocationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/TokenRevocationTest.java
index 6d7e465ebe21..b23497059bd5 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/TokenRevocationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/TokenRevocationTest.java
@@ -61,6 +61,7 @@
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientManager;
@@ -326,7 +327,7 @@ private void isAccessTokenDisabled(String accessTokenString, String clientId) th
// Test account REST not possible
String accountUrl = OAuthClient.AUTH_SERVER_ROOT + "/realms/test/account";
- SimpleHttp accountRequest = SimpleHttp.doGet(accountUrl, restHttpClient)
+ SimpleHttp accountRequest = SimpleHttpDefault.doGet(accountUrl, restHttpClient)
.auth(accessTokenString)
.acceptJson();
assertEquals(Status.UNAUTHORIZED.getStatusCode(), accountRequest.asStatus());
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java
index b1635d3c66ef..2371d8c2901e 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java
@@ -73,6 +73,7 @@
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls;
import org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource;
import org.keycloak.testsuite.pages.AppPage;
@@ -1436,11 +1437,11 @@ public void testSignedAndEncryptedRequestObject() throws IOException, JWEExcepti
private String createEncryptedRequestObject(String encAlg) throws IOException, JWEException {
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
- OIDCConfigurationRepresentation representation = SimpleHttp
+ OIDCConfigurationRepresentation representation = SimpleHttpDefault
.doGet(getAuthServerRoot().toString() + "realms/" + oauth.getRealm() + "/.well-known/openid-configuration",
httpClient).asJson(OIDCConfigurationRepresentation.class);
String jwksUri = representation.getJwksUri();
- JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
+ JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
Map keysForUse = JWKSUtils.getKeysForUse(jsonWebKeySet, JWK.Use.ENCRYPTION);
String keyId = null;
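Review bot: The discovery-document fetch followed by the JWKS fetch in `createEncryptedRequestObject` is repeated line for line in `assertRequestObjectEncryption` (the next hunk), and this commit had to edit both copies. A small private helper would keep the two tests on the same HTTP path and leave a single place to change if the response-size handling changes again. Both method bodies continue outside their hunks, so the sketch below covers only the shared lines.

```java
// Fetches the realm's JWKS via the jwks_uri advertised in the OIDC discovery document.
private JSONWebKeySet fetchRealmJwks(CloseableHttpClient httpClient) throws IOException {
    OIDCConfigurationRepresentation representation = SimpleHttpDefault
            .doGet(getAuthServerRoot().toString() + "realms/" + oauth.getRealm() + "/.well-known/openid-configuration",
                    httpClient).asJson(OIDCConfigurationRepresentation.class);
    return SimpleHttpDefault.doGet(representation.getJwksUri(), httpClient).asJson(JSONWebKeySet.class);
}

// in createEncryptedRequestObject and assertRequestObjectEncryption:
JSONWebKeySet jsonWebKeySet = fetchRealmJwks(httpClient);
// … unchanged: key selection via JWKSUtils.getKeysForUse …
```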
@@ -1523,11 +1524,11 @@ private void assertRequestObjectEncryption(JWEHeader jweHeader) throws Exception
byte[] contentBytes = JsonSerialization.writeValueAsBytes(requestObject);
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
- OIDCConfigurationRepresentation representation = SimpleHttp
+ OIDCConfigurationRepresentation representation = SimpleHttpDefault
.doGet(getAuthServerRoot().toString() + "realms/" + oauth.getRealm() + "/.well-known/openid-configuration",
httpClient).asJson(OIDCConfigurationRepresentation.class);
String jwksUri = representation.getJwksUri();
- JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
+ JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
Map keysForUse = JWKSUtils.getKeysForUse(jsonWebKeySet, JWK.Use.ENCRYPTION);
String keyId = jweHeader.getKeyId();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
index b33a6a663dbc..11e0b9c236b5 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
@@ -47,6 +47,7 @@
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.BrowserFlowTest;
import org.keycloak.testsuite.forms.LevelOfAssuranceFlowTest;
import org.keycloak.testsuite.util.AdminClientUtil;
@@ -288,10 +289,10 @@ public void corsTest() {
public void certs() throws IOException {
TokenSignatureUtil.registerKeyProvider(Algorithm.ES256, adminClient, testContext);
- OIDCConfigurationRepresentation representation = SimpleHttp.doGet(getAuthServerRoot().toString() + "realms/test/.well-known/openid-configuration", client).asJson(OIDCConfigurationRepresentation.class);
+ OIDCConfigurationRepresentation representation = SimpleHttpDefault.doGet(getAuthServerRoot().toString() + "realms/test/.well-known/openid-configuration", client).asJson(OIDCConfigurationRepresentation.class);
String jwksUri = representation.getJwksUri();
- JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, client).asJson(JSONWebKeySet.class);
+ JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, client).asJson(JSONWebKeySet.class);
assertEquals(3, jsonWebKeySet.getKeys().length);
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java
index ecdf3da1e03c..e2231deae4d8 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java
@@ -25,6 +25,7 @@
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
+import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.OAuthClient;
@@ -274,7 +275,7 @@ private void assertBackendForcedToFrontendWithMatchingHostname(String realm, Str
private void assertWelcomePage(String expectedAdminUrl) throws IOException {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/", client);
+ SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/", client);
for (Map.Entry entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
get.header(entry.getKey(), entry.getValue());
@@ -288,7 +289,7 @@ private void assertWelcomePage(String expectedAdminUrl) throws IOException {
private void assertOldAdminPageJsPathSetCorrectly(String realm, String expectedAdminUrl) throws IOException {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
+ SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
for (Map.Entry entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
get.header(entry.getKey(), entry.getValue());
@@ -302,7 +303,7 @@ private void assertOldAdminPageJsPathSetCorrectly(String realm, String expectedA
private void assertAdminPage(String realm, String expectedFrontendUrl, String expectedAdminUrl) throws IOException, URISyntaxException {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
+ SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
for (Map.Entry entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
get.header(entry.getKey(), entry.getValue());