Codestin Search App

mabartos · 2026-02-03T14:42:20Z

Closes Create tests for checking permissions #45975

keycloak-github-bot

Unreported flaky test detected, please review

keycloak-github-bot · 2026-02-03T17:33:35Z

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.forms.BruteForceTest#testExceedMaxTemporaryLockouts

Keycloak CI - Forms IT (chrome)

java.lang.AssertionError: Expected LoginPage but was localhost (https://localhost:8543/auth/realms/test/login-actions/authenticate?session_code=sipWuEgKejzoW8sX60hjeRDwmlx-sW21N8Q-5SHzQ-w&execution=1776db0f-31b7-466b-a962-fb2d35b1cdda&client_id=test-app&tab_id=cFHeQQcMj1Q&client_data=eyJydSI6Imh0dHBzOi8vbG9jYWxob3N0Ojg1NDMvYXV0aC9yZWFsbXMvbWFzdGVyL2FwcC9hdXRoIiwicnQiOiJjb2RlIn0)
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.assertTrue(Assert.java:42)
	at org.keycloak.testsuite.pages.AbstractPage.assertCurrent(AbstractPage.java:39)
	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
...

Report flaky test

mabartos · 2026-02-04T14:18:27Z

@edewit @keycloak/cloud-native Could you please check it? Thanks!

shawkins

This looks great, thank you @mabartos

Related to this once we have the layers separated I would wonder if we could introduce a v1 to v2 shim to run all the existing v1 test cases against v2 to make sure we have accounted for all the differences.

mabartos · 2026-02-04T16:07:38Z

Related to this once we have the layers separated I would wonder if we could introduce a v1 to v2 shim to run all the existing v1 test cases against v2 to make sure we have accounted for all the differences.

@shawkins Thanks. +1 Yep, once it's doable, I think it'd be very good to do it to increase our confidence with the V2.

edewit

👍

mabartos · 2026-02-05T13:21:17Z

@vmuzikar I saw that you requested a review for yourself. Do you plan to look at it?

vmuzikar · 2026-02-05T17:49:41Z

@mabartos Yes, I'd like to take a look tomorrow.

vmuzikar

@mabartos Thank you for the PR. I think it's a good start.

...-v2/tests/src/test/java/org/keycloak/tests/admin/client/v2/ClientApiV2AuthorizationTest.java

vmuzikar · 2026-02-06T16:17:25Z

...-v2/tests/src/test/java/org/keycloak/tests/admin/client/v2/ClientApiV2AuthorizationTest.java

+    @InjectAdminClient(ref = "manageRealmAdminClient", client = "test-client", user = "manage-realm-admin",
+                      mode = InjectAdminClient.Mode.MANAGED_REALM)
+    Keycloak manageRealmAdminClient;


In general, we're missing manage-realm role from almost all test but that should be fine as it's a role essentially unrelated to clients.

@vmuzikar We can think about potential other test cases later if it works to you.

...-v2/tests/src/test/java/org/keycloak/tests/admin/client/v2/ClientApiV2AuthorizationTest.java

vmuzikar · 2026-02-06T16:40:57Z

...-v2/tests/src/test/java/org/keycloak/tests/admin/client/v2/ClientApiV2AuthorizationTest.java

We're missing some tests for FGAP. Permissions can be on per-client basis. But I'd be ok with doing it as a follow-up.

Yes, we can do it in a follow-up.

Follow-up:

Create tests to check FGAP #46209

Closes keycloak#45975 Signed-off-by: Martin Bartoš <[email protected]>

Signed-off-by: Martin Bartoš <[email protected]>

mabartos · 2026-02-09T15:08:11Z

@vmuzikar Replied in your comments. For completeness, I've added the missing test cases with different roles.

Should be ready to review.

Pepo48

Thanks @mabartos, great job!

vmuzikar

Thank you, looks good.

* [client-v2] Create tests for checking permissions Closes keycloak#45975 Signed-off-by: Martin Bartoš <[email protected]> * Simplify admin client creation, test abstraction Signed-off-by: Martin Bartoš <[email protected]> * Address Vasek's comments Signed-off-by: Martin Bartoš <[email protected]> --------- Signed-off-by: Martin Bartoš <[email protected]>

mabartos self-assigned this Feb 3, 2026

mabartos added the team/admin-api-wg Admin API v2 Working Group label Feb 3, 2026

mabartos force-pushed the KC-45975 branch 2 times, most recently from 1a53fba to dbd3e59 Compare February 3, 2026 16:30

keycloak-github-bot bot added the flaky-test label Feb 3, 2026

keycloak-github-bot bot reviewed Feb 3, 2026

View reviewed changes

mabartos force-pushed the KC-45975 branch from dbd3e59 to 90096f5 Compare February 4, 2026 11:47

mabartos marked this pull request as ready for review February 4, 2026 11:48

mabartos requested review from a team as code owners February 4, 2026 11:48

keycloak-github-bot bot added the team/cloud-native label Feb 4, 2026

mabartos force-pushed the KC-45975 branch 5 times, most recently from 62e432e to 8b8892a Compare February 4, 2026 13:14

shawkins previously approved these changes Feb 4, 2026

View reviewed changes

vmuzikar self-requested a review February 4, 2026 17:28

edewit approved these changes Feb 5, 2026

View reviewed changes

vmuzikar requested changes Feb 6, 2026

View reviewed changes

vmuzikar mentioned this pull request Feb 6, 2026

initial version of the client v2 policy test #46029

Merged

mabartos added 2 commits February 9, 2026 12:02

[client-v2] Create tests for checking permissions

83c287e

Closes keycloak#45975 Signed-off-by: Martin Bartoš <[email protected]>

Simplify admin client creation, test abstraction

ce3ce8f

Signed-off-by: Martin Bartoš <[email protected]>

mabartos dismissed shawkins’s stale review via 2545d76 February 9, 2026 15:01

mabartos force-pushed the KC-45975 branch from 8b8892a to 2545d76 Compare February 9, 2026 15:01

Address Vasek's comments

d2821c0

Signed-off-by: Martin Bartoš <[email protected]>

mabartos force-pushed the KC-45975 branch from 2545d76 to d2821c0 Compare February 9, 2026 15:04

mabartos requested a review from vmuzikar February 9, 2026 16:05

Pepo48 approved these changes Feb 10, 2026

View reviewed changes

mabartos requested review from vmuzikar and removed request for vmuzikar February 11, 2026 16:44

vmuzikar approved these changes Feb 11, 2026

View reviewed changes

vmuzikar merged commit 479d554 into keycloak:main Feb 11, 2026
83 checks passed

Conversation

mabartos commented Feb 3, 2026

Uh oh!

keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

Uh oh!

keycloak-github-bot bot commented Feb 3, 2026

Unreported flaky test detected

org.keycloak.testsuite.forms.BruteForceTest#testExceedMaxTemporaryLockouts

Uh oh!

mabartos commented Feb 4, 2026

Uh oh!

shawkins left a comment

Choose a reason for hiding this comment

Uh oh!

mabartos commented Feb 4, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

edewit left a comment

Choose a reason for hiding this comment

Uh oh!

mabartos commented Feb 5, 2026

Uh oh!

vmuzikar commented Feb 5, 2026

Uh oh!

vmuzikar left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

vmuzikar Feb 6, 2026

Choose a reason for hiding this comment

Uh oh!

mabartos Feb 9, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

vmuzikar Feb 6, 2026

Choose a reason for hiding this comment

Uh oh!

mabartos Feb 9, 2026

Choose a reason for hiding this comment

Uh oh!

mabartos Feb 11, 2026

Choose a reason for hiding this comment

Uh oh!

mabartos commented Feb 9, 2026

Uh oh!

Pepo48 left a comment

Choose a reason for hiding this comment

Uh oh!

vmuzikar left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

mabartos commented Feb 4, 2026 •

edited

Loading