Migrate AdminSignatureAlgorithmTest (#35049)

Part of #34494

Signed-off-by: stianst <stianst@gmail.com>

test-framework/core/src/main/java/org/keycloak/test/framework/annotations/InjectRealm.java

@@ -18,4 +18,7 @@ public @interface InjectRealm {
     LifeCycle lifecycle() default LifeCycle.CLASS;
 
     String ref() default "";
+
+    boolean createRealm() default true;
+
 }

test-framework/core/src/main/java/org/keycloak/test/framework/realm/RealmConfigBuilder.java

@@ -33,6 +33,11 @@ public class RealmConfigBuilder {
         return this;
     }
 
+    public RealmConfigBuilder defaultSignatureAlgorithm(String algorithm) {
+        rep.setDefaultSignatureAlgorithm(algorithm);
+        return this;
+    }
+
     public RealmConfigBuilder roles(String... roleNames) {
         if (rep.getRoles() == null) {
             rep.setRoles(new RolesRepresentation());

test-framework/core/src/main/java/org/keycloak/test/framework/realm/RealmSupplier.java

@@ -40,7 +40,9 @@ public class RealmSupplier implements Supplier<ManagedRealm, InjectRealm> {
         String realmName = realmRepresentation.getRealm();
         instanceContext.addNote(REALM_NAME_KEY, realmName);
 
-        adminClient.realms().create(realmRepresentation);
+        if (instanceContext.getAnnotation().createRealm()) {
+            adminClient.realms().create(realmRepresentation);
+        }
 
         // TODO Token needs to be invalidated after creating realm to have roles for new realm in the token. Maybe lightweight access tokens could help.
         adminClient.tokenManager().invalidate(adminClient.tokenManager().getAccessTokenString());
@@ -56,7 +58,9 @@ public class RealmSupplier implements Supplier<ManagedRealm, InjectRealm> {
 
     @Override
     public void close(InstanceContext<ManagedRealm, InjectRealm> instanceContext) {
-        instanceContext.getValue().admin().remove();
+        if (instanceContext.getAnnotation().createRealm()) {
+            instanceContext.getValue().admin().remove();
+        }
     }
 
 }

tests/base/src/test/java/org/keycloak/test/admin/AdminSignatureAlgorithmTest.java

@@ -0,0 +1,34 @@
+package org.keycloak.test.admin;
+
+import org.junit.jupiter.api.Test;
+import org.keycloak.TokenVerifier;
+import org.keycloak.admin.client.Keycloak;
+import org.keycloak.crypto.Algorithm;
+import org.keycloak.representations.AccessToken;
+import org.keycloak.representations.AccessTokenResponse;
+import org.keycloak.test.framework.annotations.InjectAdminClient;
+import org.keycloak.test.framework.annotations.InjectRealm;
+import org.keycloak.test.framework.annotations.KeycloakIntegrationTest;
+import org.keycloak.test.framework.realm.ManagedRealm;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+@KeycloakIntegrationTest
+public class AdminSignatureAlgorithmTest {
+
+    @InjectAdminClient
+    Keycloak admin;
+
+    @InjectRealm(ref = "master", createRealm = false)
+    ManagedRealm masterRealm;
+
+    @Test
+    public void changeRealmTokenAlgorithm() throws Exception {
+        masterRealm.updateWithCleanup(r -> r.defaultSignatureAlgorithm(Algorithm.ES256));
+
+        admin.tokenManager().invalidate(admin.tokenManager().getAccessTokenString());
+        AccessTokenResponse accessToken = admin.tokenManager().getAccessToken();
+        TokenVerifier<AccessToken> verifier = TokenVerifier.create(accessToken.getToken(), AccessToken.class);
+        assertEquals(Algorithm.ES256, verifier.getHeader().getAlgorithm().name());
+    }
+}

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminSignatureAlgorithmTest.java

@@ -1,63 +0,0 @@
-package org.keycloak.testsuite.admin;
-
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClientBuilder;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.keycloak.TokenVerifier;
-import org.keycloak.admin.client.Keycloak;
-import org.keycloak.crypto.Algorithm;
-import org.keycloak.representations.AccessToken;
-import org.keycloak.representations.AccessTokenResponse;
-import org.keycloak.representations.idm.RealmRepresentation;
-import org.keycloak.testsuite.AbstractKeycloakTest;
-import org.keycloak.testsuite.util.AdminClientUtil;
-import org.keycloak.testsuite.util.TokenSignatureUtil;
-
-import java.io.IOException;
-import java.util.List;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-public class AdminSignatureAlgorithmTest extends AbstractKeycloakTest {
-
-    private CloseableHttpClient client;
-
-    @Before
-    public void before() {
-        client = HttpClientBuilder.create().build();
-    }
-
-    @After
-    public void after() {
-        try {
-            client.close();
-        } catch (IOException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    @Override
-    public void addTestRealms(List<RealmRepresentation> testRealms) {
-    }
-
-    @Test
-    public void changeRealmTokenAlgorithm() throws Exception {
-        String defaultSignatureAlgorithm = adminClient.realm("master").toRepresentation().getDefaultSignatureAlgorithm();
-
-        TokenSignatureUtil.changeRealmTokenSignatureProvider("master", adminClient, Algorithm.ES256);
-
-        try (Keycloak adminClient = AdminClientUtil.createAdminClient(suiteContext.isAdapterCompatTesting(), suiteContext.getAuthServerInfo().getContextRoot().toString())) {
-            AccessTokenResponse accessToken = adminClient.tokenManager().getAccessToken();
-            TokenVerifier<AccessToken> verifier = TokenVerifier.create(accessToken.getToken(), AccessToken.class);
-            assertEquals(Algorithm.ES256, verifier.getHeader().getAlgorithm().name());
-
-            assertNotNull(adminClient.realms().findAll());
-        } finally {
-            TokenSignatureUtil.changeRealmTokenSignatureProvider("master", adminClient, defaultSignatureAlgorithm);
-        }
-    }
-
-}