search

jhipster / generator-jhipster-quarkus

Quarkus blueprint for JHipster
https://www.jhipster.tech/blueprints/quarkus/
Apache License 2.0
141 stars 56 forks source link

migrate to jhipster v8 #296

Closed mshima closed 1 year ago

mshima commented 1 year ago

Fixes https://github.com/jhipster/generator-jhipster-quarkus/issues/294

mshima commented 1 year ago

The remaining failure is related to keycloak 19 -> 22:

2023-11-01 03:42:56,873 INFO  [tc.qua.io/.0.5] (docker-java-stream--304219373) STDOUT: 2023-11-01 03:42:56,871 WARN  [org.keycloak.events] (executor-thread-1) type=LOGIN_ERROR, realmId=jhipster, clientId=web_app, userId=null, ipAddress=172.17.0.1, error=not_allowed, auth_method=oauth_credentials, grant_type=password, client_auth_method=client-secret
2023-11-01 03:42:57,066 INFO  [http-problem] (executor-thread-1) status=401, title="Unauthorized"
Error:  Tests run: 2, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 88.54 s <<< FAILURE! -- in io.github.jhipster.sample.web.rest.AccountResourceIT
Error:  io.github.jhipster.sample.web.rest.AccountResourceIT.should_allow_authenticated_user_to_retrieve_own_account_details -- Time elapsed: 2.008 s <<< FAILURE!
java.lang.AssertionError: 
1 expectation failed.
Expected status code <200> but was <400>.

https://github.com/jhipster/generator-jhipster-quarkus/blob/2abf8d83b979f58352ead1096d973c9031c94a66/generators/server/templates/quarkus/src/test/java/package/web/rest/AccountResourceIT_oauth2.java.ejs#L33-L46

Maybe related to legacy grant_type=password? The generated backend code is identical (almost, v7 -> v8 changes like package-info auto generation, some relationship changes, etc).

@mraible not sure what's the fix.

mraible commented 1 year ago

@mshima Do you happen to have steps to reproduce? If we're using grant_type=password in code, we should fix that. It bypasses the whole point of OAuth, IMHO.

mraible commented 1 year ago

@vishal423 Do you have any suggestions?

mshima commented 1 year ago

@mraible that test seems to login at keycloak and gets the account details from '/account' endpoint with that authentication token. This test probably would require a reimplementation to drop grant_type=password and simulate the entire authentication workflow. Or grant_type=password should be enabled at the keycloak test container. IMO the test should be dropped and /account should be tested by others means.

I can revert keycloak testcontainer to v19 and use copy the keycloak realm from v7.9.4 to use at the test. What do you think?

mraible commented 1 year ago

I can revert keycloak testcontainer to v19 and use copy the keycloak realm from v7.9.4 to use at the test.

I think this is a good way to test if the Keycloak configuration has changed.

IMO the test should be dropped and /account should be tested by others means.

I agree since it's not testing functionality that's used in a JHipster-generated app.

sonarcloud[bot] commented 1 year ago

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot E 1 Security Hotspot
Code Smell A 6 Code Smells

No Coverage information No Coverage information
1.6% 1.6% Duplication

idea Catch issues before they fail your Quality Gate with our IDE extension sonarlint SonarLint

mshima commented 1 year ago

@mraible tests are passing now. I need to do more adjusts post merged adjust like change the diff logic and update to node 18.