Changeset View
Changeset View
Standalone View
Standalone View
spec/acceptance/8_identity_provider_spec.rb
Show All 13 Lines | it 'runs successfully' do | ||||
display_name => 'CILogon', | display_name => 'CILogon', | ||||
provider_id => 'oidc', | provider_id => 'oidc', | ||||
first_broker_login_flow_alias => 'browser', | first_broker_login_flow_alias => 'browser', | ||||
client_id => 'cilogon:/client_id/foobar', | client_id => 'cilogon:/client_id/foobar', | ||||
client_secret => 'supersecret', | client_secret => 'supersecret', | ||||
user_info_url => 'https://cilogon.org/oauth2/userinfo', | user_info_url => 'https://cilogon.org/oauth2/userinfo', | ||||
token_url => 'https://cilogon.org/oauth2/token', | token_url => 'https://cilogon.org/oauth2/token', | ||||
authorization_url => 'https://cilogon.org/authorize', | authorization_url => 'https://cilogon.org/authorize', | ||||
jwks_url => 'https://cilogon.org/jwks', | |||||
gui_order => 1, | |||||
} | |||||
keycloak_identity_provider { 'foo on test': | |||||
ensure => 'present', | |||||
display_name => 'foo', | |||||
provider_id => 'keycloak-oidc', | |||||
first_broker_login_flow_alias => 'browser', | |||||
client_id => 'foobar', | |||||
client_secret => 'supersecret', | |||||
user_info_url => 'https://foo/oauth2/userinfo', | |||||
token_url => 'https://foo/oauth2/token', | |||||
authorization_url => 'https://foo/authorize', | |||||
gui_order => 2, | |||||
} | } | ||||
EOS | EOS | ||||
apply_manifest(pp, catch_failures: true) | apply_manifest(pp, catch_failures: true) | ||||
apply_manifest(pp, catch_changes: true) | apply_manifest(pp, catch_changes: true) | ||||
end | end | ||||
it 'has created identity provider' do | it 'has created identity provider' do | ||||
on hosts, '/opt/keycloak/bin/kcadm-wrapper.sh get identity-provider/instances/cilogon -r test' do | on hosts, '/opt/keycloak/bin/kcadm-wrapper.sh get identity-provider/instances/cilogon -r test' do | ||||
data = JSON.parse(stdout) | data = JSON.parse(stdout) | ||||
expect(data['enabled']).to eq(true) | expect(data['enabled']).to eq(true) | ||||
expect(data['displayName']).to eq('CILogon') | expect(data['displayName']).to eq('CILogon') | ||||
expect(data['providerId']).to eq('oidc') | |||||
expect(data['config']['jwksUrl']).to eq('https://cilogon.org/jwks') | |||||
expect(data['config']['guiOrder']).to eq('1') | |||||
expect(data['config']['syncMode']).to eq('IMPORT') | |||||
end | |||||
end | |||||
it 'has created keycloak-oidc identity provider' do | |||||
on hosts, '/opt/keycloak/bin/kcadm-wrapper.sh get identity-provider/instances/foo -r test' do | |||||
data = JSON.parse(stdout) | |||||
expect(data['enabled']).to eq(true) | |||||
expect(data['displayName']).to eq('foo') | |||||
expect(data['providerId']).to eq('keycloak-oidc') | |||||
expect(data['config']['userInfoUrl']).to eq('https://foo/oauth2/userinfo') | |||||
expect(data['config']['tokenUrl']).to eq('https://foo/oauth2/token') | |||||
expect(data['config']['authorizationUrl']).to eq('https://foo/authorize') | |||||
expect(data['config']['guiOrder']).to eq('2') | |||||
end | end | ||||
end | end | ||||
end | end | ||||
context 'updates identity provider' do | context 'updates identity provider' do | ||||
it 'runs successfully' do | it 'runs successfully' do | ||||
pp = <<-EOS | pp = <<-EOS | ||||
include mysql::server | include mysql::server | ||||
class { 'keycloak': | class { 'keycloak': | ||||
datasource_driver => 'mysql', | datasource_driver => 'mysql', | ||||
} | } | ||||
keycloak_realm { 'test': ensure => 'present' } | keycloak_realm { 'test': ensure => 'present' } | ||||
keycloak_identity_provider { 'cilogon on test': | keycloak_identity_provider { 'cilogon on test': | ||||
ensure => 'present', | ensure => 'present', | ||||
display_name => 'CILogon', | display_name => 'CILogon', | ||||
provider_id => 'oidc', | provider_id => 'oidc', | ||||
first_broker_login_flow_alias => 'first broker login', | first_broker_login_flow_alias => 'first broker login', | ||||
client_id => 'cilogon:/client_id/foobar', | client_id => 'cilogon:/client_id/foobar', | ||||
client_secret => 'supersecret', | client_secret => 'supersecret', | ||||
user_info_url => 'https://cilogon.org/oauth2/userinfo', | user_info_url => 'https://cilogon.org/oauth2/userinfo', | ||||
token_url => 'https://cilogon.org/oauth2/token', | token_url => 'https://cilogon.org/oauth2/token', | ||||
authorization_url => 'https://cilogon.org/authorize', | authorization_url => 'https://cilogon.org/authorize', | ||||
jwks_url => 'https://cilogon.org/jwks', | |||||
gui_order => 3, | |||||
sync_mode => 'FORCE', | |||||
} | |||||
keycloak_identity_provider { 'foo on test': | |||||
ensure => 'present', | |||||
display_name => 'foo', | |||||
provider_id => 'keycloak-oidc', | |||||
first_broker_login_flow_alias => 'browser', | |||||
client_id => 'foobar', | |||||
client_secret => 'supersecret', | |||||
user_info_url => 'https://foo/userinfo', | |||||
token_url => 'https://foo/token', | |||||
authorization_url => 'https://foo/authorize', | |||||
gui_order => 4, | |||||
} | } | ||||
EOS | EOS | ||||
apply_manifest(pp, catch_failures: true) | apply_manifest(pp, catch_failures: true) | ||||
apply_manifest(pp, catch_changes: true) | apply_manifest(pp, catch_changes: true) | ||||
end | end | ||||
it 'has created identity provider' do | it 'has created identity provider' do | ||||
on hosts, '/opt/keycloak/bin/kcadm-wrapper.sh get identity-provider/instances/cilogon -r test' do | on hosts, '/opt/keycloak/bin/kcadm-wrapper.sh get identity-provider/instances/cilogon -r test' do | ||||
data = JSON.parse(stdout) | data = JSON.parse(stdout) | ||||
expect(data['enabled']).to eq(true) | expect(data['enabled']).to eq(true) | ||||
expect(data['displayName']).to eq('CILogon') | |||||
expect(data['providerId']).to eq('oidc') | |||||
expect(data['config']['jwksUrl']).to eq('https://cilogon.org/jwks') | |||||
expect(data['firstBrokerLoginFlowAlias']).to eq('first broker login') | expect(data['firstBrokerLoginFlowAlias']).to eq('first broker login') | ||||
expect(data['config']['guiOrder']).to eq('3') | |||||
expect(data['config']['syncMode']).to eq('FORCE') | |||||
end | |||||
end | |||||
it 'has created keycloak-oidc identity provider' do | |||||
on hosts, '/opt/keycloak/bin/kcadm-wrapper.sh get identity-provider/instances/foo -r test' do | |||||
data = JSON.parse(stdout) | |||||
expect(data['enabled']).to eq(true) | |||||
expect(data['displayName']).to eq('foo') | |||||
expect(data['providerId']).to eq('keycloak-oidc') | |||||
expect(data['config']['userInfoUrl']).to eq('https://foo/userinfo') | |||||
expect(data['config']['tokenUrl']).to eq('https://foo/token') | |||||
expect(data['config']['authorizationUrl']).to eq('https://foo/authorize') | |||||
expect(data['config']['guiOrder']).to eq('4') | |||||
end | end | ||||
end | end | ||||
end | end | ||||
context 'ensure => absent' do | context 'ensure => absent' do | ||||
it 'runs successfully' do | it 'runs successfully' do | ||||
pp = <<-EOS | pp = <<-EOS | ||||
include mysql::server | include mysql::server | ||||
Show All 21 Lines |