I have build an OpenID Connect Login for my java application (without spring). Now I want to have an automated test for the OIDC process. I am using KeyCloak as auth-server. For OIDC my test has to login on the keyloak login page by passing the username and password. For this I am using HtmlUnit and a simple http-server for the redirect.
// Setup http-server to recieve the code from the redirect
HttpServer server = HttpServer.create(new InetSocketAddress(InetAddress.getLocalHost().getHostAddress(), 8001), 0);
server.createContext("/oidc_test_callback", new HttpHandler() {
@Override
public void handle(HttpExchange exchange) throws IOException {
String url = exchange.getRequestURI().toString();
String parameter = "code=";
String codeValue = url.substring(url.indexOf(parameter) + parameter.length());
// continue the test with the code
}
});
server.setExecutor(null);
server.start();
// login with the dummy-user on the keyloak loginpage
String url = ...; // the URL looks like http://keycloak:8080/auth/realms/testRealm/protocol/openid-connect/auth?client_id=myAppName&redirect_uri=http%3A%2F%2F192.168.202.102%3A8001%2Foidc_test_callback&response_type=code&scope=openid+profile&state=7944e52a-467a-4000-874b-ea4991dbeaeb&nonce=somecorrelationnonce&login_hint=&acr_values=
try (WebClient webClient = new WebClient()) {
webClient.getOptions().setCssEnabled(true);
webClient.getOptions().setRedirectEnabled(true);
webClient.getOptions().setJavaScriptEnabled(true);
webClient.setAjaxController(new NicelyResynchronizingAjaxController());
HtmlPage page = webClient.getPage(url);
HtmlForm form = (HtmlForm) page.getElementById("kc-form-login");
HtmlTextInput inputUsername = form.getInputByName("username");
HtmlPasswordInput inputPassword = (HtmlPasswordInput) form.getInputByName("password");
inputUsername.type("admin");
inputPassword.type("admin");
HtmlSubmitInput buttonLogin = (HtmlSubmitInput) form.getInputByName("login");
buttonLogin.click();
} catch (Exception ex) {
Assertions.fail(ex);
}
When I run this code the http-server does not recieve anything. It looks like the login button does not execute properly.
Here is the html-code from the keycloak login page:
<div id="kc-form">
<div id="kc-form-wrapper">
<form id="kc-form-login" onsubmit="login.disabled = true; return true;" action="http://keycloak:8080/auth/realms/testRealm/login-actions/authenticate?session_code=dIFFDFXC9YsXhiR0PLdfOjj-YcV-j_rZWr5DBVkQ8UU&execution=108fb093-287d-4c18-b4a9-10a162e908ca&client_id=UMS_Loginserver&tab_id=tKYHYQvKb70" method="post">
<div class="form-group">
<label for="username" class="pf-c-form__label pf-c-form__label-text">Username or email</label>
<input tabindex="1" id="username" class="pf-c-form-control" name="username" value="" type="text" autofocus autocomplete="off"
aria-invalid=""
/>
</div>
<div class="form-group">
<label for="password" class="pf-c-form__label pf-c-form__label-text">Password</label>
<input tabindex="2" id="password" class="pf-c-form-control" name="password" type="password" autocomplete="off"
aria-invalid=""
/>
</div>
<div class="form-group login-pf-settings">
<div id="kc-form-options">
</div>
<div class="">
</div>
</div>
<div id="kc-form-buttons" class="form-group">
<input type="hidden" id="id-hidden-input" name="credentialId" />
<input tabindex="4" class="pf-c-button pf-m-primary pf-m-block btn-lg" name="login" id="kc-login" type="submit" value="Sign In"/>
</div>
</form>
</div>
</div>
Advertisement
Answer
I solved it myself by passing the correct user credentials……the password was “admin1”