SecureContextResolverTest.java
package org.keycloak.utils;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.representations.account.DeviceRepresentation;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.function.Supplier;
public class SecureContextResolverTest {
static DeviceRepresentation DEVICE_UNKOWN;
static DeviceRepresentation DEVICE_SAFARI;
static {
DEVICE_UNKOWN = new DeviceRepresentation();
DEVICE_UNKOWN.setBrowser(DeviceRepresentation.UNKNOWN);
DEVICE_SAFARI = new DeviceRepresentation();
DEVICE_SAFARI.setBrowser("Safari/18.0.1");
}
@Test
public void testHttps() {
assertSecureContext("https://127.0.0.1", true);
assertSecureContext("https://something", true);
}
@Test
public void testIp4() {
assertSecureContext("http://127.0.0.1", true);
assertSecureContext("http://127.0.0.128", true);
assertSecureContext("http://127.0.0.255", true);
assertSecureContext("http://127.0.0.256", false);
assertSecureContext("http://127.0.1.1", true);
assertSecureContext("http://127.254.232.123", true);
assertSecureContext("http://127.256.232.123", false);
assertSecureContext("http://10.0.0.10", false);
assertSecureContext("http://127.0.0.1.nip.io", false);
}
@Test
public void testIp6() {
assertSecureContext("http://[::1]", true);
assertSecureContext("http://[0000:0000:0000:0000:0000:0000:0000:0001]", true);
assertSecureContext("http://[::2]", false);
assertSecureContext("http://[2001:0000:130F:0000:0000:09C0:876A:130B]", false);
assertSecureContext("http://::1", false);
}
@Test
public void testLocalhost() {
assertSecureContext("http://localhost", true);
assertSecureContext("http://localhost.", true);
assertSecureContext("http://localhostn", false);
assertSecureContext("http://test.localhost", true);
assertSecureContext("http://test.localhost.", true);
assertSecureContext("http://test.localhostn", false);
assertSecureContext("http://test.localhost.not", false);
}
@Test
public void testQuirksSafari() {
assertSecureContext("https://127.0.0.1", DEVICE_SAFARI, true);
assertSecureContext("https://something", DEVICE_SAFARI, true);
assertSecureContext("http://[::1]", DEVICE_SAFARI,false);
assertSecureContext("http://[0000:0000:0000:0000:0000:0000:0000:0001]", DEVICE_SAFARI, false);
assertSecureContext("http://localhost", DEVICE_SAFARI, false);
assertSecureContext("http://localhost.", DEVICE_SAFARI, false);
assertSecureContext("http://test.localhost", DEVICE_SAFARI, false);
assertSecureContext("http://test.localhost.", DEVICE_SAFARI, false);
}
@Test
public void testNoDeviceRepresentation() {
assertSecureContext("http://localhost", null, true);
}
void assertSecureContext(String url, boolean expectedSecureContext) {
assertSecureContext(url, DEVICE_UNKOWN, expectedSecureContext);
}
void assertSecureContext(String url, DeviceRepresentation deviceRepresentation, boolean expectedSecureContext) {
Supplier<DeviceRepresentation> deviceRepresentationSupplier = () -> deviceRepresentation;
try {
Assert.assertEquals(expectedSecureContext, SecureContextResolver.isSecureContext(new URI(url), deviceRepresentationSupplier));
} catch (URISyntaxException e) {
Assert.fail(e.getMessage());
}
}
}