Enhance KeycloakTestClient to support a client_credentials grant #29969
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #29933.
This PR adds 4
getClientAccessToken
methods making it easy to get the access token using a client_credentials grant from a default realm set up by DevServices for Keycloak, and 4getRealmClientAccessToken
to do the same but also letting users set a realm name as one of the method parameters.The same pattern is used with the existing
getAccessToken
/getRealmAccessToken
methods where a password grant is used.Also tried to improve the description of how various properties are set.
Update
OidcTokenPropagationTest
- in the existing test the propagated token contains analice
name because the token was acquired using a password grant. A new test method acquires a token using a client_credentials grant for aquarkus-app
client, Keycloak represents it as aservice-account-quarkus-app
in the token issued using client_credentials grantCC @pedroigor