diff --git a/benchmark/src/main/java/org/keycloak/benchmark/Config.java b/benchmark/src/main/java/org/keycloak/benchmark/Config.java index 92c9b83b2..9cf81647b 100644 --- a/benchmark/src/main/java/org/keycloak/benchmark/Config.java +++ b/benchmark/src/main/java/org/keycloak/benchmark/Config.java @@ -1,6 +1,5 @@ package org.keycloak.benchmark; -import java.net.URI; import java.text.SimpleDateFormat; import java.util.Arrays; import java.util.List; @@ -191,7 +190,7 @@ public class Config { String serversProp = System.getProperty("server-url"); if (serversProp == null) { String serversEnv = System.getenv("KC_SERVER_URL"); - serverUris = serversEnv != null ? serversEnv : "http://0.0.0.0:8080"; + serverUris = serversEnv != null ? serversEnv : "http://localhost:8080/auth"; } else { serverUris = serversProp; } @@ -200,46 +199,6 @@ public class Config { serverUrisList = Arrays.asList(serverUris.split(" ")); } - public static void preventLocalhostServerUris() { - serverUrisList.stream().forEach(s -> { - URI uri = URI.create(s); - if (uri.getScheme().equals("http") && isLocalhostSecureContext(uri)) { - throw new RuntimeException(""" - Gatling won't send secure cookies to localhost addresses. Due to this, it is incompatible of running tests against with Keycloak 26. - See https://github.com/keycloak/keycloak-benchmark/issues/945 for more information. - As a workaround, use a different IP address on your current host, or use http://0.0.0.0 - """); - } - }); - } - - public static boolean isLocalhostSecureContext(URI uri) { - String host = uri.getHost(); - if (host == null) { - return false; - } - - // The host matches a CIDR notation of ::1/128 - if (host.equals("[::1]") || host.equals("[0000:0000:0000:0000:0000:0000:0000:0001]")) { - return true; - } - - // The host matches a CIDR notation of 127.0.0.0/8 - if (host.matches("127.\\d{1,3}.\\d{1,3}.\\d{1,3}")) { - return true; - } - - if (host.equals("localhost") || host.equals("localhost.")) { - return true; - } - - if (host.endsWith(".localhost") || host.endsWith(".localhost.")) { - return true; - } - - return false; - } - public static String toStringPopulationConfig() { return String.format( " realms: %s\n" diff --git a/benchmark/src/main/scala/keycloak/scenario/authentication/AuthorizationCode.scala b/benchmark/src/main/scala/keycloak/scenario/authentication/AuthorizationCode.scala index 6d9ea6ddd..98465ea61 100644 --- a/benchmark/src/main/scala/keycloak/scenario/authentication/AuthorizationCode.scala +++ b/benchmark/src/main/scala/keycloak/scenario/authentication/AuthorizationCode.scala @@ -1,12 +1,9 @@ package keycloak.scenario.authentication import keycloak.scenario.{CommonSimulation, KeycloakScenarioBuilder} -import org.keycloak.benchmark.Config class AuthorizationCode extends CommonSimulation { - Config.preventLocalhostServerUris() - setUp("Authentication - Authorization Code Username/Password", new KeycloakScenarioBuilder() .openLoginPage(true) .loginUsernamePassword() diff --git a/benchmark/src/main/scala/keycloak/scenario/authentication/LoginUserPassword.scala b/benchmark/src/main/scala/keycloak/scenario/authentication/LoginUserPassword.scala index fec24eb44..6ea4a1a0e 100644 --- a/benchmark/src/main/scala/keycloak/scenario/authentication/LoginUserPassword.scala +++ b/benchmark/src/main/scala/keycloak/scenario/authentication/LoginUserPassword.scala @@ -1,12 +1,9 @@ package keycloak.scenario.authentication import keycloak.scenario.{CommonSimulation, KeycloakScenarioBuilder} -import org.keycloak.benchmark.Config class LoginUserPassword extends CommonSimulation { - Config.preventLocalhostServerUris() - setUp("Authentication - Login Username/Password", new KeycloakScenarioBuilder() .openLoginPage(true) .loginUsernamePassword()) diff --git a/doc/benchmark/modules/ROOT/pages/run/running-benchmark-cli.adoc b/doc/benchmark/modules/ROOT/pages/run/running-benchmark-cli.adoc index 81fa09c5c..f8a136eb1 100644 --- a/doc/benchmark/modules/ROOT/pages/run/running-benchmark-cli.adoc +++ b/doc/benchmark/modules/ROOT/pages/run/running-benchmark-cli.adoc @@ -31,7 +31,7 @@ To start running tests, execute: ./kcb.sh ---- -By default, tests expect Keycloak to run on \http://0.0.0.0:8080, and the default scenario is `keycloak.scenarion.authentication.ClientSecret`. +By default, tests expect Keycloak to run on \http://localhost:8080/auth, and the default scenario is `keycloak.scenarion.authentication.ClientSecret`. To use a different server URL, realm and scenario: diff --git a/doc/benchmark/modules/ROOT/pages/scenario/authorization-code.adoc b/doc/benchmark/modules/ROOT/pages/scenario/authorization-code.adoc index 3228ba2ca..382a12533 100644 --- a/doc/benchmark/modules/ROOT/pages/scenario/authorization-code.adoc +++ b/doc/benchmark/modules/ROOT/pages/scenario/authorization-code.adoc @@ -14,12 +14,6 @@ See xref:scenario-overview.adoc[] for a list of all scenarios. See the source code at link:{github-files}/benchmark/src/main/scala/keycloak/scenario/authentication/AuthorizationCode.scala[AuthorizationCode.scala] for details. -[WARNING] -==== -Due to the circumstances described in issue https://github.com/keycloak/keycloak-benchmark/issues/945[#945], this scenario will not work with a non-TLS localhost URLs like `+http://localhost+`, `+http://127.0.0.1+` or similar. -Instead, use IP addresses of other interfaces, or `+http://0.0.0.0+`, or run Keycloak with a TLS certificate. -==== - == Running an example scenario === Prerequisites @@ -41,13 +35,13 @@ See xref:configuration.adoc[] for additional CLI options. ---- bin/kcb.sh \ --scenario=keycloak.scenario.authentication.AuthorizationCode \ - --server-url=http://0.0.0.0:8080/ \ + --server-url=http://localhost:8080/ \ --realm-name=realm-0 \ --username=user-0 \ --user-password=user-0-password \ --client-id=client-0 \ --client-secret=client-0-secret \ - --client-redirect-uri=http://0.0.0.0:8080 \ + --client-redirect-uri=http://localhost:8080 \ --log-http-on-failure ----