-
Improvement
-
Resolution: Fixed
-
Neutral
-
None
-
None
-
None
-
-
Empty show more show less
-
AdminX 16, AdminX 17
-
5
As a result of MGNLSSO-96, there is a missing integration test for the direct client flow.
The scenario is:
- Prerequisite: Setup SSO module with an addition direct client
- Get the token from Keycloak token endpoint
- Use the token in the Authentication header Bearer type to get content from Magnolia
Please checkout the Postman requests collection to know more.
Dev notes:
- Tried to create the test in SsoModuleIT class (see example in attachment), but it failed to run in current setup that IT is run on the Host and connect Keycloak in Docker container (localhost:8080) and Magnolia instance (localhost:8081)
- The token obtained from Keycloak token endpoint (localhost:8080), but it can't be verified through "keycloak:8080" in SSO module because the token is issued by different host then the verification process. So, it's possible if we can reach the Keycloak from the host using host name (keycloak in this case) to get the token.
- So, we may need to create the test in different setup to achieve this.
Acceptance criteria
- relates to
-
MGNLSSO-96 Non-interactive SSO access to REST endpoints
- Closed
1.
|
Implement new test | Closed | Nguyen Phung Chi | |
2.
|
Review | Closed | Evzen Fochr |