f131ae98a8
Some extra steps are needed to use keycloak with a reverse proxy. This adjusts the apache config to send the required headers and the keycloak server config to use them. Since the openid configuration json page is constructed entirely from these headers (and not from static configuration), this is a good test that the entire system is working. Change-Id: I662dc85836d640cb732f12f39e9a61607767fcf3
33 lines
1.2 KiB
Python
33 lines
1.2 KiB
Python
# Copyright 2018 Red Hat, Inc.
|
|
# Copyright 2021 Acme Gating, LLC
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
testinfra_hosts = ['keycloak01.opendev.org']
|
|
|
|
|
|
def test_keycloak_listening(host):
|
|
keycloak = host.socket("tcp://127.0.0.1:8080")
|
|
assert keycloak.is_listening
|
|
|
|
def test_keycloak_openid_config(host):
|
|
# This tests the proxy config since the output is determined by
|
|
# the proxy headers and is not hard-coded configuration.
|
|
cmd = host.run('curl --insecure '
|
|
'--resolve keycloak.opendev.org:443:127.0.0.1 '
|
|
'https://keycloak.opendev.org/auth/realms/master'
|
|
'/.well-known/openid-configuration')
|
|
assert ('"issuer":"https://keycloak.opendev.org/auth/realms/master"'
|
|
in cmd.stdout)
|