Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove conditionalization from Wiremock section #41977

Merged
merged 1 commit into from
Jul 18, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions docs/src/main/asciidoc/security-oidc-auth0-tutorial.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -887,7 +887,6 @@ Open a browser, access http://localhost:8080/hello and get the name displayed in

To confirm the permission is correctly enforced, change it to `echo.name`: `@PermissionsAllowed("echo.name")`. Clear the browser cache, access http://localhost:8080/hello again and you will get `403` reported by `ApiEchoService`. Now revert it back to `@PermissionsAllowed("echo:name")`.

ifndef::no-deprecated-test-resource[]
== Integration testing

You have already used OIDC DevUI SPA to login to Auth0 and test the Quarkus endpoint with the access token, updating the endpoint code along the way.
Expand Down Expand Up @@ -1036,7 +1035,6 @@ image::auth0-test-success.png[Auth0 test success]
By the way, if you like, you can run the tests in Continuous mode directly from DevUI:

image::auth0-continuous-testing.png[Auth0 Continuous testing]
endif::no-deprecated-test-resource[]

[[production-mode]]
== Production mode
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -574,9 +574,8 @@
testImplementation("io.quarkus:quarkus-junit5")
----

ifndef::no-deprecated-test-resource[]
[[bearer-token-integration-testing-wiremock]]
==== WireMock

Check warning on line 578 in docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in 'WireMock'. Raw Output: {"message": "[Quarkus.Headings] Use sentence-style capitalization in 'WireMock'.", "location": {"path": "docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc", "range": {"start": {"line": 578, "column": 6}}}, "severity": "INFO"}

Add the following dependencies to your test project:

Expand Down Expand Up @@ -695,7 +694,6 @@
}
}
----
endif::no-deprecated-test-resource[]

[[integration-testing-oidc-test-client]]
=== `OidcTestClient`
Expand All @@ -711,10 +709,9 @@
%test.quarkus.oidc.credentials.secret=secret
----

ifndef::no-deprecated-test-resource[]
To start, add the same dependency, `quarkus-test-oidc-server`, as described in the <<bearer-token-integration-testing-wiremock>> section.

Next, write the test code as follows:

Check warning on line 714 in docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.TermsSuggestions] Depending on the context, consider using 'because' or 'while' rather than 'as'. Raw Output: {"message": "[Quarkus.TermsSuggestions] Depending on the context, consider using 'because' or 'while' rather than 'as'.", "location": {"path": "docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc", "range": {"start": {"line": 714, "column": 27}}}, "severity": "INFO"}

[source, java]
----
Expand Down Expand Up @@ -763,9 +760,8 @@
For a test like this to work, the test `Auth0` application must have the `password` grant enabled.
This example code also shows how to pass additional parameters.
For `Auth0`, these are the `audience` and `scope` parameters.
endif::no-deprecated-test-resource[]

[[bearer-token-integration-testing-keycloak-devservices]]

Check warning on line 764 in docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in 'Dev Services for Keycloak'. Raw Output: {"message": "[Quarkus.Headings] Use sentence-style capitalization in 'Dev Services for Keycloak'.", "location": {"path": "docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc", "range": {"start": {"line": 764, "column": 42}}}, "severity": "INFO"}
==== Dev Services for Keycloak

The preferred approach for integration testing against Keycloak is xref:security-openid-connect-dev-services.adoc[Dev Services for Keycloak].
Expand Down Expand Up @@ -977,16 +973,14 @@
smallrye.jwt.sign.key.location=/privateKey.pem
----

ifndef::no-deprecated-test-resource[]
To generate JWT tokens, copy `privateKey.pem` from the `integration-tests/oidc-tenancy` in the `main` Quarkus repository and use a test code similar to the one in the preceding <<bearer-token-integration-testing-wiremock>> section.
You can use your own test keys, if preferred.

This approach provides limited coverage compared to the WireMock approach.
For example, the remote communication code is not covered.
endif::no-deprecated-test-resource[]

[[bearer-token-integration-testing-security-annotation]]
==== TestSecurity annotation

Check warning on line 983 in docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in 'TestSecurity annotation'. Raw Output: {"message": "[Quarkus.Headings] Use sentence-style capitalization in 'TestSecurity annotation'.", "location": {"path": "docs/src/main/asciidoc/security-oidc-bearer-token-authentication.adoc", "range": {"start": {"line": 983, "column": 6}}}, "severity": "INFO"}

You can use `@TestSecurity` and `@OidcSecurity` annotations to test the `service` application endpoint code, which depends on either one, or all three, of the following injections:

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1709,8 +1709,7 @@
testImplementation("io.quarkus:quarkus-junit5")
----

ifndef::no-deprecated-test-resource[]
[[code-flow-integration-testing-wiremock]]

Check warning on line 1712 in docs/src/main/asciidoc/security-oidc-code-flow-authentication.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Spelling] Use correct American English spelling. Did you really mean 'Wiremock'? Raw Output: {"message": "[Quarkus.Spelling] Use correct American English spelling. Did you really mean 'Wiremock'?", "location": {"path": "docs/src/main/asciidoc/security-oidc-code-flow-authentication.adoc", "range": {"start": {"line": 1712, "column": 15}}}, "severity": "WARNING"}
=== Wiremock

Add the following dependency:
Expand Down Expand Up @@ -1796,9 +1795,8 @@
Additionally, `OidcWiremockTestResource` sets the token issuer and audience to `https://service.example.com`, which can be customized with `quarkus.test.oidc.token.issuer` and `quarkus.test.oidc.token.audience` system properties.

`OidcWiremockTestResource` can be used to emulate all OIDC providers.
endif::no-deprecated-test-resource[]

[[code-flow-integration-testing-keycloak-devservices]]

Check warning on line 1799 in docs/src/main/asciidoc/security-oidc-code-flow-authentication.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Headings] Use sentence-style capitalization in 'Dev Services for Keycloak'. Raw Output: {"message": "[Quarkus.Headings] Use sentence-style capitalization in 'Dev Services for Keycloak'.", "location": {"path": "docs/src/main/asciidoc/security-oidc-code-flow-authentication.adoc", "range": {"start": {"line": 1799, "column": 16}}}, "severity": "INFO"}
=== Dev Services for Keycloak

Using xref:security-openid-connect-dev-services.adoc[Dev Services for Keycloak] is recommended for integration testing against Keycloak.
Expand All @@ -1821,9 +1819,8 @@
----
%prod.quarkus.oidc.auth-server-url=http://localhost:8180/realms/quarkus
quarkus.keycloak.devservices.realm-path=quarkus-realm.json
----

Check warning on line 1822 in docs/src/main/asciidoc/security-oidc-code-flow-authentication.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.TermsSuggestions] Depending on the context, consider using 'because' or 'while' rather than 'as'. Raw Output: {"message": "[Quarkus.TermsSuggestions] Depending on the context, consider using 'because' or 'while' rather than 'as'.", "location": {"path": "docs/src/main/asciidoc/security-oidc-code-flow-authentication.adoc", "range": {"start": {"line": 1822, "column": 3}}}, "severity": "INFO"}

ifndef::no-deprecated-test-resource[]
Finally, write a test code the same way as it is described in the <<code-flow-integration-testing-wiremock,Wiremock>> section.
The only difference is that `@WithTestResource` is no longer needed:

Expand All @@ -1833,7 +1830,6 @@
public class CodeFlowAuthorizationTest {
}
----
endif::no-deprecated-test-resource[]

ifndef::no-deprecated-test-resource[]
[[code-flow-integration-testing-keycloak]]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -952,9 +952,8 @@
</dependency>
----

ifndef::no-deprecated-test-resource[]
[[oidc-client-ref-integration-testing-wiremock]]
==== Wiremock

Check warning on line 956 in docs/src/main/asciidoc/security-openid-connect-client-reference.adoc

View workflow job for this annotation

GitHub Actions / Linting with Vale

[vale] reported by reviewdog 🐶 [Quarkus.Spelling] Use correct American English spelling. Did you really mean 'Wiremock'? Raw Output: {"message": "[Quarkus.Spelling] Use correct American English spelling. Did you really mean 'Wiremock'?", "location": {"path": "docs/src/main/asciidoc/security-openid-connect-client-reference.adoc", "range": {"start": {"line": 956, "column": 6}}}, "severity": "WARNING"}

Add the following dependencies to your test project:

Expand Down Expand Up @@ -1042,7 +1041,6 @@
----

And finally, write the test code. Given the Wiremock-based resource above, the first test invocation should return the `access_token_1` access token, which will expire in 4 seconds. Use `awaitility` to wait for about 5 seconds, and now the next test invocation should return the `access_token_2` access token, which confirms the expired `access_token_1` access token has been refreshed.
endif::no-deprecated-test-resource[]

==== Keycloak

Expand Down