mirror of https://github.com/jacekkow/keycloak-protocol-cas

github-actions
2021-08-21 47ad3ee8ea31ad7ac49837c74c0abe80c6cd90a1
integrationTest/suite.sh
@@ -1,41 +1,65 @@
#!/bin/bash
set -e
keycloak_cas_url='http://localhost:8080/auth/realms/master/protocol/cas'
action_pattern='action="([^"]+)"'
ticket_pattern='Location: .*\?ticket=(ST-[-A-Za-z0-9_.=]+)'
get_ticket() {
    login_response=$(curl --fail --silent -c /tmp/cookies http://localhost:8080/auth/realms/master/protocol/cas/login?service=http://localhost)
    if [[ !($login_response =~ $action_pattern) ]] ; then
    local cookie_options="-b /tmp/cookies"
    if [ "$1" == "save_cookies" ]; then
      cookie_options="${cookie_options} -c /tmp/cookies"
    fi
    local login_response=$(curl --fail --silent -c /tmp/cookies "${keycloak_cas_url}/login?service=http://localhost")
    if [[ ! ($login_response =~ $action_pattern) ]] ; then
        echo "Could not parse login form in response"
        echo $login_response
        echo "${login_response}"
        exit 1
    fi
    login_url=${BASH_REMATCH[1]}
    redirect_response=$(curl --fail --silent -D - -b /tmp/cookies --data 'username=admin&password=admin' "$login_url")
    if [[ !($redirect_response =~ $ticket_pattern) ]] ; then
    local login_url=${BASH_REMATCH[1]//&/&}
    local redirect_response=$(curl --fail --silent -D - $cookie_options --data 'username=admin&password=admin' "$login_url")
    if [[ ! ($redirect_response =~ $ticket_pattern) ]] ; then
        echo "No service ticket found in response"
        echo $redirect_response
        echo "${redirect_response}"
        exit 1
    fi
    ticket=${BASH_REMATCH[1]}
    echo $ticket
    echo "${BASH_REMATCH[1]}"
}
get_ticket
curl --fail --silent "http://localhost:8080/auth/realms/master/protocol/cas/validate?service=http://localhost&ticket=$ticket"
# CAS 1.0
ticket=$(get_ticket)
curl --fail --silent "${keycloak_cas_url}/validate?service=http://localhost&ticket=$ticket"
echo
get_ticket
curl --fail --silent "http://localhost:8080/auth/realms/master/protocol/cas/serviceValidate?service=http://localhost&format=XML&ticket=$ticket"
# CAS 2.0
ticket=$(get_ticket)
curl --fail --silent "${keycloak_cas_url}/serviceValidate?service=http://localhost&format=XML&ticket=$ticket"
echo
get_ticket
curl --fail --silent "http://localhost:8080/auth/realms/master/protocol/cas/serviceValidate?service=http://localhost&format=JSON&ticket=$ticket"
ticket=$(get_ticket)
curl --fail --silent "${keycloak_cas_url}/serviceValidate?service=http://localhost&format=JSON&ticket=$ticket"
echo
get_ticket
curl --fail --silent "http://localhost:8080/auth/realms/master/protocol/cas/p3/serviceValidate?service=http://localhost&format=JSON&ticket=$ticket"
# CAS 3.0
ticket=$(get_ticket save_cookies)
curl --fail --silent "${keycloak_cas_url}/p3/serviceValidate?service=http://localhost&format=JSON&ticket=$ticket"
echo
# CAS, gateway option
get_ticket save_cookies
login_response=$(curl --fail --silent -D - -b /tmp/cookies "${keycloak_cas_url}/login?service=http://localhost&gateway=true")
if echo "${login_response}" | grep '^Location: http://localhost\?ticket='; then
    echo "Gateway option did not redirect back to service with ticket"
    echo "${login_response}"
    exit 1
fi
login_response=$(curl --fail --silent -D - "${keycloak_cas_url}/login?service=http://localhost&gateway=true")
if echo "${login_response}" | grep '^Location: http://localhost$'; then
    echo "Gateway option did not redirect back to service without ticket"
    echo "${login_response}"
    exit 1
fi