Skip to content

Commit

Permalink
Resolve failing tests
Browse files Browse the repository at this point in the history
  • Loading branch information
gim- committed Dec 25, 2024
1 parent 0e24cf7 commit 68bead4
Show file tree
Hide file tree
Showing 8 changed files with 201 additions and 29 deletions.
18 changes: 6 additions & 12 deletions example/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -1020,53 +1020,47 @@ resource "keycloak_authentication_execution" "browser-copy-cookie" {
parent_flow_alias = keycloak_authentication_flow.browser-copy-flow.alias
authenticator = "auth-cookie"
requirement = "ALTERNATIVE"
depends_on = [
keycloak_authentication_execution.browser-copy-kerberos
]
priority = 20
}

resource "keycloak_authentication_execution" "browser-copy-kerberos" {
realm_id = keycloak_realm.test.id
parent_flow_alias = keycloak_authentication_flow.browser-copy-flow.alias
authenticator = "auth-spnego"
requirement = "DISABLED"
priority = 10
}

resource "keycloak_authentication_execution" "browser-copy-idp-redirect" {
realm_id = keycloak_realm.test.id
parent_flow_alias = keycloak_authentication_flow.browser-copy-flow.alias
authenticator = "identity-provider-redirector"
requirement = "ALTERNATIVE"
depends_on = [
keycloak_authentication_execution.browser-copy-cookie
]
priority = 30
}

resource "keycloak_authentication_subflow" "browser-copy-flow-forms" {
realm_id = keycloak_realm.test.id
parent_flow_alias = keycloak_authentication_flow.browser-copy-flow.alias
alias = "browser-copy-flow-forms"
requirement = "ALTERNATIVE"
depends_on = [
keycloak_authentication_execution.browser-copy-idp-redirect
]
priority = 40
}

resource "keycloak_authentication_execution" "browser-copy-auth-username-password-form" {
realm_id = keycloak_realm.test.id
parent_flow_alias = keycloak_authentication_subflow.browser-copy-flow-forms.alias
authenticator = "auth-username-password-form"
requirement = "REQUIRED"
priority = 10
}

resource "keycloak_authentication_execution" "browser-copy-otp" {
realm_id = keycloak_realm.test.id
parent_flow_alias = keycloak_authentication_subflow.browser-copy-flow-forms.alias
authenticator = "auth-otp-form"
requirement = "REQUIRED"
depends_on = [
keycloak_authentication_execution.browser-copy-auth-username-password-form
]
priority = 20
}

resource "keycloak_authentication_execution_config" "config" {
Expand Down
16 changes: 16 additions & 0 deletions keycloak/version.go
Original file line number Diff line number Diff line change
Expand Up @@ -74,3 +74,19 @@ func (keycloakClient *KeycloakClient) VersionIsLessThanOrEqualTo(ctx context.Con

return keycloakClient.version.LessThanOrEqual(v), nil
}

func (keycloakClient *KeycloakClient) VersionIsLessThan(ctx context.Context, versionString Version) (bool, error) {
if keycloakClient.version == nil {
err := keycloakClient.login(ctx)
if err != nil {
return false, err
}
}

v, err := version.NewVersion(string(versionString))
if err != nil {
return false, nil
}

return keycloakClient.version.LessThan(v), nil
}
4 changes: 4 additions & 0 deletions provider/data_source_keycloak_authentication_execution.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,10 @@ func dataSourceKeycloakAuthenticationExecution() *schema.Resource {
Type: schema.TypeString,
Required: true,
},
"priority": {
Type: schema.TypeInt,
Optional: true,
},
},
}
}
Expand Down
50 changes: 41 additions & 9 deletions provider/data_source_keycloak_authentication_execution_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,11 @@ import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
"github.com/keycloak/terraform-provider-keycloak/keycloak"
)

func TestAccKeycloakDataSourceAuthenticationExecution_basic(t *testing.T) {
skipIfVersionIsGreaterThanOrEqualTo(testCtx, t, keycloakClient, keycloak.Version_25)
t.Parallel()

parentFlowAlias := acctest.RandomWithPrefix("tf-acc")
Expand All @@ -21,7 +23,7 @@ func TestAccKeycloakDataSourceAuthenticationExecution_basic(t *testing.T) {
CheckDestroy: testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
Steps: []resource.TestStep{
{
Config: testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias),
Config: testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias, 10),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "id", "data.keycloak_authentication_execution.execution", "id"),
Expand All @@ -35,6 +37,33 @@ func TestAccKeycloakDataSourceAuthenticationExecution_basic(t *testing.T) {
})
}

func TestAccKeycloakDataSourceAuthenticationExecutionWithPriority_basic(t *testing.T) {
skipIfVersionIsLessThan(testCtx, t, keycloakClient, keycloak.Version_25)
t.Parallel()

parentFlowAlias := acctest.RandomWithPrefix("tf-acc")

resource.Test(t, resource.TestCase{
ProviderFactories: testAccProviderFactories,
PreCheck: func() { testAccPreCheck(t) },
CheckDestroy: testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
Steps: []resource.TestStep{
{
Config: testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias, 10),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "id", "data.keycloak_authentication_execution.execution", "id"),
resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "realm_id", "data.keycloak_authentication_execution.execution", "realm_id"),
resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "priority", "data.keycloak_authentication_execution.execution", "priority"),
resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "parent_flow_alias", "data.keycloak_authentication_execution.execution", "parent_flow_alias"),
resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "authenticator", "data.keycloak_authentication_execution.execution", "provider_id"),
testAccCheckDataKeycloakAuthenticationExecution("data.keycloak_authentication_execution.execution"),
),
},
},
})
}

func TestAccKeycloakDataSourceAuthenticationExecution_errorNoExecutions(t *testing.T) {
t.Parallel()
parentFlowAlias := acctest.RandomWithPrefix("tf-acc")
Expand All @@ -45,7 +74,7 @@ func TestAccKeycloakDataSourceAuthenticationExecution_errorNoExecutions(t *testi
CheckDestroy: testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
Steps: []resource.TestStep{
{
Config: testDataSourceKeycloakAuthenticationExecution_errorNoExecutions(parentFlowAlias),
Config: testDataSourceKeycloakAuthenticationExecution_errorNoExecutions(parentFlowAlias, 10),
ExpectError: regexp.MustCompile("no authentication executions found for parent flow alias .*"),
},
},
Expand All @@ -62,7 +91,7 @@ func TestAccKeycloakDataSourceAuthenticationExecution_errorWrongProviderId(t *te
CheckDestroy: testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
Steps: []resource.TestStep{
{
Config: testDataSourceKeycloakAuthenticationExecution_errorWrongProviderId(parentFlowAlias, acctest.RandString(10)),
Config: testDataSourceKeycloakAuthenticationExecution_errorWrongProviderId(parentFlowAlias, acctest.RandString(10), 10),
ExpectError: regexp.MustCompile("no authentication execution under parent flow alias .* with provider id .* found"),
},
},
Expand Down Expand Up @@ -94,7 +123,7 @@ func testAccCheckDataKeycloakAuthenticationExecution(resourceName string) resour
}
}

func testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias string) string {
func testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias string, priority int) string {
return fmt.Sprintf(`
data "keycloak_realm" "realm" {
realm = "%s"
Expand All @@ -110,6 +139,7 @@ resource "keycloak_authentication_execution" "execution" {
parent_flow_alias = keycloak_authentication_flow.flow.alias
authenticator = "identity-provider-redirector"
requirement = "REQUIRED"
priority = %d
}
data "keycloak_authentication_execution" "execution" {
Expand All @@ -121,10 +151,10 @@ data "keycloak_authentication_execution" "execution" {
keycloak_authentication_execution.execution,
]
}
`, testAccRealm.Realm, parentFlowAlias)
`, testAccRealm.Realm, parentFlowAlias, priority)
}

func testDataSourceKeycloakAuthenticationExecution_errorNoExecutions(parentFlowAlias string) string {
func testDataSourceKeycloakAuthenticationExecution_errorNoExecutions(parentFlowAlias string, priority int) string {
return fmt.Sprintf(`
data "keycloak_realm" "realm" {
realm = "%s"
Expand All @@ -139,15 +169,16 @@ data "keycloak_authentication_execution" "execution" {
realm_id = data.keycloak_realm.realm.id
parent_flow_alias = keycloak_authentication_flow.flow.alias
provider_id = "foo"
priority = %d
depends_on = [
keycloak_authentication_flow.flow,
]
}
`, testAccRealm.Realm, parentFlowAlias)
`, testAccRealm.Realm, parentFlowAlias, priority)
}

func testDataSourceKeycloakAuthenticationExecution_errorWrongProviderId(parentFlowAlias, providerId string) string {
func testDataSourceKeycloakAuthenticationExecution_errorWrongProviderId(parentFlowAlias, providerId string, priority int) string {
return fmt.Sprintf(`
data "keycloak_realm" "realm" {
realm = "%s"
Expand All @@ -163,6 +194,7 @@ resource "keycloak_authentication_execution" "execution" {
parent_flow_alias = keycloak_authentication_flow.flow.alias
authenticator = "identity-provider-redirector"
requirement = "REQUIRED"
priority = %d
}
data "keycloak_authentication_execution" "execution" {
Expand All @@ -174,5 +206,5 @@ data "keycloak_authentication_execution" "execution" {
keycloak_authentication_execution.execution,
]
}
`, testAccRealm.Id, parentFlowAlias, providerId)
`, testAccRealm.Id, parentFlowAlias, priority, providerId)
}
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ func TestAccKeycloakAuthenticationExecutionConfig_basic(t *testing.T) {
CheckDestroy: testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
Steps: []resource.TestStep{
{
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProviderOne),
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProviderOne, 10),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionConfigExists("keycloak_authentication_execution_config.config", &config1),
resource.TestCheckResourceAttr("keycloak_authentication_execution_config.config", "realm_id", testAccRealm.Realm),
Expand All @@ -36,7 +36,7 @@ func TestAccKeycloakAuthenticationExecutionConfig_basic(t *testing.T) {
),
},
{
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProviderTwo),
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProviderTwo, 10),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionConfigExists("keycloak_authentication_execution_config.config", &config2),
resource.TestCheckResourceAttr("keycloak_authentication_execution_config.config", "realm_id", testAccRealm.Realm),
Expand Down Expand Up @@ -66,7 +66,7 @@ func TestAccKeycloakAuthenticationExecutionConfig_updateForcesNew(t *testing.T)
CheckDestroy: testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
Steps: []resource.TestStep{
{
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAliasOne, configProvider),
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAliasOne, configProvider, 10),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionConfigExists("keycloak_authentication_execution_config.config", &config1),
resource.TestCheckResourceAttr("keycloak_authentication_execution_config.config", "realm_id", testAccRealm.Realm),
Expand All @@ -76,7 +76,7 @@ func TestAccKeycloakAuthenticationExecutionConfig_updateForcesNew(t *testing.T)
),
},
{
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAliasTwo, configProvider),
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAliasTwo, configProvider, 10),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionConfigExists("keycloak_authentication_execution_config.config", &config2),
resource.TestCheckResourceAttr("keycloak_authentication_execution_config.config", "realm_id", testAccRealm.Realm),
Expand All @@ -103,7 +103,7 @@ func TestAccKeycloakAuthenticationExecutionConfig_import(t *testing.T) {
CheckDestroy: testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
Steps: []resource.TestStep{
{
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProvider),
Config: testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProvider, 10),
},
{
ResourceName: "keycloak_authentication_execution_config.config",
Expand Down Expand Up @@ -184,7 +184,7 @@ func testAccCheckKeycloakAuthenticationExecutionConfigForceNew(old, new *keycloa
}
}

func testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProvider string) string {
func testAccKeycloakAuthenticationExecutionConfig(flowAlias, configAlias, configProvider string, priority int) string {
return fmt.Sprintf(`
data "keycloak_realm" "realm" {
realm = "%s"
Expand All @@ -199,6 +199,7 @@ resource "keycloak_authentication_execution" "execution" {
realm_id = data.keycloak_realm.realm.id
parent_flow_alias = keycloak_authentication_flow.flow.alias
authenticator = "identity-provider-redirector"
priority = %d
}
resource "keycloak_authentication_execution_config" "config" {
Expand All @@ -208,5 +209,5 @@ resource "keycloak_authentication_execution_config" "config" {
config = {
defaultProvider = "%s"
}
}`, testAccRealm.Realm, flowAlias, configAlias, configProvider)
}`, testAccRealm.Realm, flowAlias, priority, configAlias, configProvider)
}
57 changes: 56 additions & 1 deletion provider/resource_keycloak_authentication_execution_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,41 @@ func TestAccKeycloakAuthenticationExecution_updateAuthenticationExecutionRequire
})
}

func TestAccKeycloakAuthenticationExecution_updateAuthenticationExecutionPriority(t *testing.T) {
skipIfVersionIsLessThan(testCtx, t, keycloakClient, keycloak.Version_25)
t.Parallel()
authParentFlowAlias := acctest.RandomWithPrefix("tf-acc")

resource.Test(t, resource.TestCase{
ProviderFactories: testAccProviderFactories,
PreCheck: func() { testAccPreCheck(t) },
CheckDestroy: testAccCheckKeycloakAuthenticationSubFlowDestroy(),
Steps: []resource.TestStep{
{
Config: testKeycloakAuthenticationExecution_basicWithPriority(authParentFlowAlias, 50),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
resource.TestCheckResourceAttr("keycloak_authentication_execution.execution", "priority", "50"),
),
},
{
Config: testKeycloakAuthenticationExecution_basicWithPriority(authParentFlowAlias, 60),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
resource.TestCheckResourceAttr("keycloak_authentication_execution.execution", "priority", "60"),
),
},
{
Config: testKeycloakAuthenticationExecution_basicWithPriority(authParentFlowAlias, 70),
Check: resource.ComposeTestCheckFunc(
testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
resource.TestCheckResourceAttr("keycloak_authentication_execution.execution", "priority", "70"),
),
},
},
})
}

func testAccCheckKeycloakAuthenticationExecutionExists(resourceName string) resource.TestCheckFunc {
return func(s *terraform.State) error {
_, err := getAuthenticationExecutionFromState(s, resourceName)
Expand Down Expand Up @@ -199,7 +234,27 @@ resource "keycloak_authentication_execution" "execution" {
`, testAccRealm.Realm, parentAlias)
}

func testKeycloakAuthenticationExecution_basicWithRequirement(parentAlias, requirement string) string {
func testKeycloakAuthenticationExecution_basicWithPriority(parentAlias string, priority int) string {
return fmt.Sprintf(`
data "keycloak_realm" "realm" {
realm = "%s"
}
resource "keycloak_authentication_flow" "flow" {
realm_id = data.keycloak_realm.realm.id
alias = "%s"
}
resource "keycloak_authentication_execution" "execution" {
realm_id = data.keycloak_realm.realm.id
parent_flow_alias = keycloak_authentication_flow.flow.alias
authenticator = "auth-cookie"
priority = %d
}
`, testAccRealm.Realm, parentAlias, priority)
}

func testKeycloakAuthenticationExecution_basicWithRequirement(parentAlias string, requirement string) string {
return fmt.Sprintf(`
data "keycloak_realm" "realm" {
realm = "%s"
Expand Down
Loading

0 comments on commit 68bead4

Please sign in to comment.