Insert control-cache headers to every resource and reload index.html

.github/workflows/test-management-ui-for-pr.yaml

@@ -56,13 +56,13 @@ jobs:
         cd ${SELENIUM_DIR}
         docker build -t mocha-test --target test .
 
-    - name: Run full ui suites on a standalone rabbitmq server
+    - name: Run short ui suites on a standalone rabbitmq server
       run: |
         IMAGE_TAG=$(find PACKAGES/rabbitmq-server-generic-unix-*.tar.xz | awk -F 'PACKAGES/rabbitmq-server-generic-unix-|.tar.xz' '{print $2}')
         RABBITMQ_DOCKER_IMAGE=pivotalrabbitmq/rabbitmq:$IMAGE_TAG \
-          ${SELENIUM_DIR}/run-suites.sh short-suite-management-ui
+          ${SELENIUM_DIR}/run-suites.sh short-suite-management-ui        
-        mkdir -p /tmp/full-suite
+        mkdir -p /tmp/short-suite
-        mv /tmp/selenium/* /tmp/full-suite
+        mv /tmp/selenium/* /tmp/short-suite
         
     - name: Upload Test Artifacts
       if: always()
@@ -70,7 +70,6 @@ jobs:
       with:
         name: test-artifacts-${{ matrix.browser }}-${{ matrix.erlang_version }}
         path: |
-          /tmp/full-suite
           /tmp/short-suite
 
   summary-selenium:

deps/rabbitmq_management/priv/www/index.html

@@ -21,9 +21,9 @@
     <link href="css/main.css" rel="stylesheet" type="text/css"/>
     <link href="favicon.ico" rel="shortcut icon" type="image/x-icon"/>    
     
-    <script type="module">
+    <script type="module">   
-      window.oauth = oauth_initialize_if_required();
+      check_version()   
-      
+      window.oauth = oauth_initialize_if_required()      
     </script>
     
 

deps/rabbitmq_management/priv/www/js/main.js

@@ -119,15 +119,13 @@ function check_login () {
   if (user == false || user.error) {
     clear_auth();
     if (oauth.enabled) {
-      //hide_popup_warn();
       renderWarningMessageInLoginStatus(oauth, 'Not authorized');
     } else {
-      //hide_popup_warn();
       replace_content('login-status', '<p>Login failed</p>');
     }
     return false;
   }
-
+  check_version()
   hide_popup_warn()
   replace_content('outer', format('layout', {}))
   var user_login_session_timeout = parseInt(user.login_session_timeout)
@@ -1862,3 +1860,12 @@ function get_chart_range_type(arg) {
     console.log('[WARNING]: range type not found for arg: ' + arg);
     return 'basic';
 }
+
+function check_version() {
+    let curVersion = sync_get('/version')
+    let storedVersion = get_pref('version')
+    if (!storedVersion || storedVersion != curVersion) {
+        store_pref('version', curVersion)
+        location.reload()
+    }
+}

deps/rabbitmq_management/priv/www/js/oidc-oauth/helper.js

@@ -290,18 +290,26 @@ export function oauth_completeLogin() {
 
 export function oauth_initiateLogout() {
   if (oauth.sp_initiated) {
-    mgr.metadataService.getEndSessionEndpoint().then(endpoint => {
+    return mgr.getUser().then(user => {
-      if (endpoint == undefined) {
+      if (user != null) {
-        // Logout only from management UI
+        mgr.metadataService.getEndSessionEndpoint().then(endpoint => {
-        mgr.removeUser().then(res => {
+          if (endpoint == undefined) {
-          clear_auth()
+            // Logout only from management UI
-          oauth_redirectToLogin()
+            mgr.removeUser().then(res => {
+              clear_auth()
+              oauth_redirectToLogin()
+            })
+          }else {
+            // OpenId Connect RP-Initiated Logout
+            mgr.signoutRedirect()
+          }
         })
       }else {
-        // OpenId Connect RP-Initiated Logout
+        clear_auth()
-        mgr.signoutRedirect()
+        go_to_home()
       }
     })
+
   } else {
     go_to_authority()
   }
@@ -370,8 +378,7 @@ export function hasAnyResourceServerReady(oauth, onReadyCallback) {
           return group;
         }, {})
         let warnings = []
-        for(var url in groupByProviderURL){
+        for(var url in groupByProviderURL){          
-          console.log(url + ': ' + groupByProviderURL[url]);
           const notReadyResources = groupByProviderURL[url].filter((oauthserver) => notReadyServers.includes(oauthserver.oauth_provider_url))
           const notCompliantResources = groupByProviderURL[url].filter((oauthserver) => notCompliantServers.includes(oauthserver.oauth_provider_url))
           if (notReadyResources.length == 1) {
@@ -385,7 +392,6 @@ export function hasAnyResourceServerReady(oauth, onReadyCallback) {
             warnings.push(warningMessageOAuthResources(url, notCompliantResources, " not compliant"))
           }
         }
-        console.log("warnings:" + warnings)
         oauth.declared_resource_servers_count = oauth.resource_servers.length
         oauth.resource_servers = oauth.resource_servers.filter((resource) =>
           !notReadyServers.includes(resource.oauth_provider_url) && !notCompliantServers.includes(resource.oauth_provider_url))

deps/rabbitmq_management/src/rabbit_mgmt_dispatcher.erl

@@ -208,5 +208,6 @@ dispatcher() ->
      {"/auth/attempts/:node/source",                           rabbit_mgmt_wm_auth_attempts, [by_source]},
      {"/login",                                                rabbit_mgmt_wm_login, []},
      {"/config/effective",                                     rabbit_mgmt_wm_environment, []},
-     {"/auth/hash_password/:password",                         rabbit_mgmt_wm_hash_password, []}
+     {"/auth/hash_password/:password",                         rabbit_mgmt_wm_hash_password, []},
+     {"/version",                                              rabbit_mgmt_wm_version, []}
     ].

deps/rabbitmq_management/src/rabbit_mgmt_headers.erl

@@ -55,14 +55,18 @@ set_common_permission_headers(ReqData0, EndpointModule) ->
     lists:foldl(fun(Fun, ReqData) ->
                         Fun(ReqData, EndpointModule)
                 end, ReqData0,
-               [fun set_csp_headers/2,
+               [fun set_etag_based_cache_headers/2,
+                fun set_csp_headers/2,
                 fun set_hsts_headers/2,
                 fun set_cors_headers/2,
                 fun set_content_type_options_header/2,
                 fun set_xss_protection_header/2,
                 fun set_frame_options_header/2]).
 
+set_etag_based_cache_headers(ReqData0, _Module) ->
+    cowboy_req:set_resp_header(<<"cache-control">>, <<"public, max-age=0, must-revalidate">>, ReqData0).
+
 set_no_cache_headers(ReqData0, _Module) ->
-    ReqData1 = cowboy_req:set_resp_header(<<"cache-control">>, <<"no-cache, no-store, must-revalidate">>, ReqData0),
+    ReqData1 = cowboy_req:set_resp_header(<<"cache-control">>, <<"no-cache, no-store, max-age=0, must-revalidate">>, ReqData0),
     ReqData2 = cowboy_req:set_resp_header(<<"pragma">>, <<"no-cache">>, ReqData1),
     cowboy_req:set_resp_header(<<"expires">>, rabbit_data_coercion:to_binary(0), ReqData2).

deps/rabbitmq_management/src/rabbit_mgmt_wm_version.erl

@@ -0,0 +1,38 @@
+%% This Source Code Form is subject to the terms of the Mozilla Public
+%% License, v. 2.0. If a copy of the MPL was not distributed with this
+%% file, You can obtain one at https://mozilla.org/MPL/2.0/.
+%%
+%% Copyright (c) 2007-2024 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. All rights reserved.
+%%
+
+-module(rabbit_mgmt_wm_version).
+
+-export([init/2]).
+-export([to_json/2, content_types_provided/2]).
+-export([variances/2]).
+
+-include_lib("rabbit_common/include/rabbit.hrl").
+-include_lib("rabbitmq_management_agent/include/rabbit_mgmt_records.hrl").
+
+%%--------------------------------------------------------------------
+
+init(Req, _State) ->
+    {cowboy_rest, rabbit_mgmt_headers:set_no_cache_headers(
+        rabbit_mgmt_headers:set_common_permission_headers(Req, ?MODULE), ?MODULE), 
+        #context{}}.
+
+variances(Req, Context) ->
+    {[<<"accept-encoding">>, <<"origin">>], Req, Context}.
+
+content_types_provided(ReqData, Context) ->
+   {rabbit_mgmt_util:responder_map(to_json), ReqData, Context}.
+
+to_json(ReqData, Context) ->   
+    Version = case rabbit:product_version() of
+        undefined -> rabbit:base_product_version();
+        V -> V
+    end,
+    rabbit_mgmt_util:reply(list_to_binary(Version), ReqData, Context).
+
+%%--------------------------------------------------------------------
+

deps/rabbitmq_management/test/rabbit_mgmt_http_SUITE.erl

@@ -56,7 +56,7 @@ all() ->
     ].
 
 groups() ->
-    [
+    [        
         {all_tests_with_prefix, [], some_tests() ++ all_tests()},
         {all_tests_without_prefix, [], some_tests()},
         %% We have several groups because their interference is
@@ -104,7 +104,6 @@ definitions_group4_tests() ->
         definitions_vhost_test
     ].
 
-
 all_tests() -> [
     cli_redirect_test,
     api_redirect_test,
@@ -205,7 +204,8 @@ all_tests() -> [
     amqp_sessions,
     amqpl_sessions,
     enable_plugin_amqp,
-    cluster_and_node_tags_test
+    cluster_and_node_tags_test,
+    version_test
 ].
 
 %% -------------------------------------------------------------------
@@ -3896,6 +3896,13 @@ oauth_test(Config) ->
     %% cleanup
     rpc(Config, application, unset_env, [rabbitmq_management, oauth_enabled]).
 
+version_test(Config) ->
+    ActualVersion = http_get(Config, "/version"),
+    ct:log("ActualVersion : ~p", [ActualVersion]),
+    ExpectedVersion = rpc(Config, rabbit, base_product_version, []),
+    ct:log("ExpectedVersion : ~p", [ExpectedVersion]),
+    ?assertEqual(ExpectedVersion, binary_to_list(ActualVersion)).
+
 login_test(Config) ->
     http_put(Config, "/users/myuser", [{password, <<"myuser">>},
                                        {tags,     <<"management">>}], {group, '2xx'}),

selenium/README.md

@@ -62,6 +62,9 @@ not see any browser interaction, everything happens in the background, i.e. rabb
 
 **The interactive mode** - This mode is convenient when we are still working on RabbitMQ source code and/or in the selenium tests. In this mode, you run RabbitMQ and tests directly from source to speed things up. The components, such as, UAA or keycloak, run in docker.
 
+**IMPORTANT** - If you intend to switch between version of RabbitMQ, make sure
+you run `./clean.sh` to clear any state left from the last test run. 
+
 
 ## Run tests in headless-mode
 

selenium/bin/components/keycloak

@@ -42,7 +42,7 @@ start_keycloak() {
     --publish 8443:8443 \
 		--env KEYCLOAK_ADMIN=admin \
 		--env KEYCLOAK_ADMIN_PASSWORD=admin \
-		--mount type=bind,source=${MOUNT_KEYCLOAK_CONF_DIR},target=/opt/keycloak/data/import/ \
+		-v ${MOUNT_KEYCLOAK_CONF_DIR}:/opt/keycloak/data/import/ \
 		${KEYCLOAK_DOCKER_IMAGE} start-dev --import-realm \
     --https-certificate-file=/opt/keycloak/data/import/server_keycloak_certificate.pem \
     --https-certificate-key-file=/opt/keycloak/data/import/server_keycloak_key.pem

selenium/bin/suite_template

@@ -571,7 +571,7 @@ teardown_local_others() {
   if [[ $REQUIRED_COMPONENTS == "" ]]; then
     print "There are no other components"
   else
-    teardown_components
+    teardown_components true
   fi
 }
 test_local() {
@@ -624,13 +624,18 @@ start_components() {
 }
 
 teardown_components() {
-  begin "Tear down ..."
+  skip_rabbitmq=${1:-false}
+
+  begin "Tear down ... "
   for i in "${REQUIRED_COMPONENTS[@]}"
   do
-    local component="$i"
+    if [[ $i != "rabbitmq" || ($i == "rabbitmq" && $skip_rabbitmq == false) ]] 
-    stop="stop_$i"
+    then 
-    type "$stop" &>/dev/null && $stop || kill_container_if_exist "$component"
+      local component="$i"
-    print "Tear down $component"
+      stop="stop_$i"
+      type "$stop" &>/dev/null && $stop || kill_container_if_exist "$component"
+      print "Tear down $component"    
+    fi 
   done
   end "Finished teardown"
 }

selenium/clean.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+rm -r $TMPDIR/rabbitmq-test-instances

selenium/suites/authnz-mgt/oauth-and-basic-auth.sh

@@ -4,7 +4,7 @@ SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 
 TEST_CASES_PATH=/oauth/with-basic-auth
 TEST_CONFIG_PATH=/oauth
-PROFILES="keycloak jwks keycloak-oauth-provider enable-basic-auth tls"
+PROFILES="keycloak keycloak-oauth-provider keycloak-mgt-oauth-provider tls enable-basic-auth"
 
 source $SCRIPT/../../bin/suite_template $@
 runWith keycloak

selenium/test/basic-auth/unauthorized.js

@@ -19,9 +19,8 @@ describe('An user without management tag', function () {
     overview = new OverviewPage(driver)
     captureScreen = captureScreensFor(driver, __filename)
 
-    assert.ok(!await login.isPopupWarningDisplayed())
+    //assert.ok(!await login.isPopupWarningDisplayed())
-    await login.login('rabbit_no_management', 'rabbit_no_management')
+    await login.login('rabbit_no_management', 'guest')    
-    await !overview.isLoaded()
   })
 
   it('cannot log in into the management ui', async function () {    
@@ -35,7 +34,7 @@ describe('An user without management tag', function () {
 
   it('should get popup warning dialog', async function(){
     assert.ok(login.isPopupWarningDisplayed())
-    assert.equal('Not_Authorized', await login.getPopupWarning())
+    assert.equal('Not management user', await login.getPopupWarning())
   })
 
   describe("After clicking on popup warning dialog button", function() {

selenium/test/multi-oauth/certs/server_rabbitmq_certificate.pem

@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgIBATANBgkqhkiG9w0BAQsFADBLMTowOAYDVQQDDDFUTFNH
-ZW5TZWxmU2lnbmVkUm9vdENBIDIwMjQtMTEtMTRUMTQ6MDc6NTQuNzIzODUyMQ0w
-CwYDVQQHDAQkJCQkMB4XDTI0MTExNDEzMDc1NFoXDTM0MTExMjEzMDc1NFowJDER
-MA8GA1UEAwwIcmFiYml0bXExDzANBgNVBAoMBnNlcnZlcjCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAO+lLX4hl6pBOi8BNxOka5dxBblSIDUfES3yHwL2
-g/BoJv18DiBpLlT7262iUvrZk7WsGUdUccoikR8L9eArw04K8I8z7ATOMN7T/d8R
-4Kn1Rcbgrm11d2xS4R9gXy7lbhOCk8LWHJtWptDyPhg6I8SztHB7dtvzv1AVvmtp
-4QDYKN7YCJnF3+Uf9W2XJcH/rBU2mc0ow2EbTLoJug335bhIWJ7TVPS22BDy5xnP
-7MDG14PMU/W9BhN5GzCEqeJzwhXjqij/JfGICHBJeGzqQ+J9Qjm3DYdGoCheZqxP
-R1ml7ql14tBUIbgcJjlRCLSyaMLEOOOoLOrac5T/zT5YsV8CAwEAAaOBzzCBzDAJ
-BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAqBgNV
-HREEIzAhgghyYWJiaXRtcYIKV0pSN0Q0RkhHWIIJbG9jYWxob3N0MB0GA1UdDgQW
-BBTEYcfPgofNbHR6lT4AtYpmhDwa7DAfBgNVHSMEGDAWgBQlM1NJapUaVlk0O7o6
-p7NnIKxtcTAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLXNlcnZlcjo4MDAw
-L2Jhc2ljLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAQ8lsUSlA50+RqyRr6kopSNxh
-ytQ/qKLmCZk8kveUkNVJK0VXRgo7ufINBrPVPlli4kofTv7FLizbm9dRYn22cskm
-LcUqOBoAgXQuevqM2sn/WEpybYH6HL3ETFol+/8r5zVTlrWFLOMEIlHFBIWs+LOr
-Zv5uNLfxqOBtG7ClCKB5oqnvRrL7Re5klMTPdSLoayiegk641SfxVeuyHYBe74LD
-HOV4NLUW7xm55A3FXW0mdUT1YbsKdCXM6q7Krkomq16s5c4sJtYDk+zGLOMdA6lT
-00Jaz74RbWwvpbpoW5XGeldn4T02CXOWVTXp0Ur+Br/PdsiKdmkrNos9ecBuvg==
------END CERTIFICATE-----

selenium/test/multi-oauth/certs/server_rabbitmq_key.pem

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDvpS1+IZeqQTov
-ATcTpGuXcQW5UiA1HxEt8h8C9oPwaCb9fA4gaS5U+9utolL62ZO1rBlHVHHKIpEf
-C/XgK8NOCvCPM+wEzjDe0/3fEeCp9UXG4K5tdXdsUuEfYF8u5W4TgpPC1hybVqbQ
-8j4YOiPEs7Rwe3bb879QFb5raeEA2Cje2AiZxd/lH/VtlyXB/6wVNpnNKMNhG0y6
-CboN9+W4SFie01T0ttgQ8ucZz+zAxteDzFP1vQYTeRswhKnic8IV46oo/yXxiAhw
-SXhs6kPifUI5tw2HRqAoXmasT0dZpe6pdeLQVCG4HCY5UQi0smjCxDjjqCzq2nOU
-/80+WLFfAgMBAAECggEAH8tjcMOWMrF6vbfEjeeXmr0VDFRYD5QynEzuTl9Ue/Xl
-jmYCHcy2p/HOYIgTyFJLpaPSqsMKYc4aQOs+UOKdg+Ixrl4uJykQFNA9c3YUv5fa
-DRvMKJuYH5gTZC1OE5O++fmuDwCHRRjHAxvQnzg/fJ53ByFqUJ5TOJXZ8LhYcNr7
-P47OfZJb9t81YsrYPL6ZsRxw2a5Fc1C/Za2Wn7ZZbr4xx8CuBJ8WwQQWM+NjhHfD
-Kb3I3n2sWzyy1JhGcQCHix/nQnrIMCZ3TDemwTIegvAKkHt+estvgWlxVOCBHb86
-lZrhweuMWCzwuRJhvKZ2Up71fMmyw6chZJwR2AHaIQKBgQD5G4ZuEckodnIlH6jU
-9ps2AX114xNSnDBGOFn1pCE6gXQFtdLWvIyKpeQnFN9JUZoaQ2lp+pPQ+21O6ZXW
-z/5LGp6N0HZDFKOm3Fu9RqEiI4TM5w9EnUjRoqhD8qKjk3ym97raVEvjFlMycqs8
-3L5oRGFCHIWreDA6zaSpQq2cEQKBgQD2RqEgKIKxNpYicroVkaGwLM3W3E0corNM
-vj/oS2zwBJUgH7iwtDO+CBPd2FFQjwXi7DZwMzP1UyKOBxHUiTrFODtLj1NPp2BZ
-X29HEDy3QHh1TrVb2gG+Psll/cdurq+G2knJqSDwWnAoVHe5jxt0jWxaVFWKzNl5
-pcc9Lu+mbwKBgQCU/RZ47KBQWA9LDtVukhQgx+FeybJ73TiuNvPvC/xnvpdC9w2k
-K18vaaq8iSpG8sxlWt5IaXtRKZ+l6+UXdo0UJFaiYQTqeAStPuyLlxu2jGHYH3Yt
-RpkP8OYMxajqhsKuJkqWXIaKyoZ2DMlH/IrRV9yHqwFznc3Szb3nEh890QKBgQCL
-7BcRgVK3ws7MJajKJmLaCKquf54kPeBnItSGc4wiVkgv5zX0131qY4Z+DbAteAUd
-J53KY50KrkA8t5GO0qUcdlViGb14zRz1yj4b/wKwDyYhaCWsWRGSeHPOycAsh31c
-vdscg0YeqRN+Jnebas5riwpby/yKDtckwWaQwYERawKBgQDMqdNh0NqX+VyW786f
-M45xgL61jMwO3FNPatQsj329WJ9PfHQprryR4zzNZ9XswENKVM7jLq3koJkHYVs/
-wk23Zn3daJxYqoftEdYxW2azsouHV7/kMT+kiUjr4pcaxGhWjRjANDgEcYkMz3g6
-Uuot3qdOvr7IW0O0vRGvmd6Ojw==
------END PRIVATE KEY-----

selenium/test/multi-oauth/devkeycloak/server_devkeycloak_certificate.pem

@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwDCCAqigAwIBAgIBATANBgkqhkiG9w0BAQsFADBLMTowOAYDVQQDDDFUTFNH
-ZW5TZWxmU2lnbmVkUm9vdENBIDIwMjQtMTEtMTRUMTQ6MDY6MjkuNjQwNzcxMQ0w
-CwYDVQQHDAQkJCQkMB4XDTI0MTExNDEzMDYzMFoXDTM0MTExMjEzMDYzMFowJzEU
-MBIGA1UEAwwLZGV2a2V5Y2xvYWsxDzANBgNVBAoMBnNlcnZlcjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAI+qfG/X9HQIIWQFC9Ibj7dNOiWdwhpclgDB
-h1e7oBM9fIBMKeU2M1xFPmSFigOB989dLZhBG5yypgZv+6jrMqnUF8fn0DVhUZag
-FI8VNx8KFc0U5ENo+FFe8Isf7yrl4FPc1EychoHiGI2DKM3QdIDYQhtdlPKk5wig
-vJEQopMmwsMGKfkw6ARVzTpv1FQmOn8MMHubT9L0AS4CkPcS7aartNJEzltBlx5V
-lHQq3jumf8CpbionQFWWRjeGFdYZhL7cfYk4fYB3rvnVg8opzju4spdTU2gloZy6
-GGRhVeUGspbk8gh8ecF/83AwKuAkrwM/wMDwyKKeeq3QKHBJc9cCAwEAAaOB0jCB
-zzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAt
-BgNVHREEJjAkggtkZXZrZXljbG9ha4IKV0pSN0Q0RkhHWIIJbG9jYWxob3N0MB0G
-A1UdDgQWBBTGCKXoyHd9jncVAeN3uiStdQbOPzAfBgNVHSMEGDAWgBRIFMiWpPs7
-k4WMbt9+JS/Box5EhDAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLXNlcnZl
-cjo4MDAwL2Jhc2ljLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAQrIxS/Zr832lJV82
-3yYIql12rbT8vG6HYxwaJ2Bd1QFwk0nHMoTqJ5JQxH6mYY8NasjLFS15rrSGLMCt
-4Ja8T/haUXzfxuOMFVDvvnexDXdldOPHycIsv+BMH/7CuDnnEgCiKLGVuHZIgE/k
-igNvTVmk/gX8OR5tGxizMhIBa5Wer2kLBvJKl/gFniV3LCMlm20ufXvTpJSU4lms
-u5AI/snnblD0HtZ+HQyKJM5WGj6PyFH620BBYvTFR3oFaEhaEmHNqQGiCQ+xvzpU
-8P5crISfzcllXjfBxXCn/Ffft8y6I8TGxdRTrMoHHX5FJZWKZdaGH0JYQ4unWJ3s
-1Ats7g==
------END CERTIFICATE-----

selenium/test/multi-oauth/devkeycloak/server_devkeycloak_key.pem

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCPqnxv1/R0CCFk
-BQvSG4+3TTolncIaXJYAwYdXu6ATPXyATCnlNjNcRT5khYoDgffPXS2YQRucsqYG
-b/uo6zKp1BfH59A1YVGWoBSPFTcfChXNFORDaPhRXvCLH+8q5eBT3NRMnIaB4hiN
-gyjN0HSA2EIbXZTypOcIoLyREKKTJsLDBin5MOgEVc06b9RUJjp/DDB7m0/S9AEu
-ApD3Eu2mq7TSRM5bQZceVZR0Kt47pn/AqW4qJ0BVlkY3hhXWGYS+3H2JOH2Ad675
-1YPKKc47uLKXU1NoJaGcuhhkYVXlBrKW5PIIfHnBf/NwMCrgJK8DP8DA8Miinnqt
-0ChwSXPXAgMBAAECggEACVm9zqO+H901myZu7gZoNLR8j900OHYFN1hhQDcQhKAQ
-XeNXKLl930gMdwtv/6lyYRc98/Zs3yaLgsjAFu7z9bS9tX+jgA3s+wJBREzLsSP9
-ZkMxVifbXaRxwIRcEy0yDBNH6BKZ+JMoKPG78qVaJ9ares989cwA04FutHxiMHSQ
-6ScywMspOrknJPbosoikJ3tg4vCvCVugrXpjieojuvpmeNSY3HThsudPXR6V1fZD
-iLvUS8hZuHJV0tCsWyGho6qvTGrv6bvpsorPq4zyuMwxNx9Wl7Fo2fZHACdAAnOk
-LF7Hjz9YUdI1oq+05nq+dApf5zkB9C9aEGjP7uwuuQKBgQDEHXxIex0TAh3Ne/72
-wAvhjQ7+3csuNXb1mgjI7vJlKl6+uza6WiD0MtALQG1LL3Y4IKZVcvhfVL72Id8q
-op3a9asiE3+E1Y07abzgwG3uuWj7SmXvmxURhl90Jlm4zAOioJUb4sTXfRCCyVSR
-CfoC5g3Na4k0gv8fUNbMVU6s2QKBgQC7iP6HQiBQaMs6Ka/fgKMkwOx1Bpjylv8w
-TT4MjWIAmfDefWD6tEq6hPP66E2OdBndJ/UcZly7NIMImJP5KqlRyLF24ZaAiNZC
-j+ppVy2OzV34GW4VBxIH0+h+GyUpdsdO+ou8suGzisXWFfUpp52Ei9DRPQsVLWC+
-rLaZ2SJ4LwKBgQCVeyf9EyHxGB7hPg7zwyQLMnpol2PD/+qBf3wMs9y8cZQv6wDm
-/8W4fHaI7P2hXjbMx04hOXXJLA42C1FP7Q1HFRPw8E21URTKYWkfIm1olZhIWcfi
-3yEq73IYVRb0PUTUE3Q0AiApY+FO3uh/eMxAo1uH5Nx60xJkqzheHPPP2QKBgQCx
-y2asa3fhZAjQorcX6YhCjxletZuJ2rgjXgfmtJ/mPAxNk4a/CPEUNnptNZJZ7R6c
-Ooa6nx1papaULruTbevLGr+NGsCqKZEg1/qAVmNd0Lw3PDzOeL6SZ0gzTp8D2ZWJ
-/iU/CETNCFMZ7gVZsYy4HioiRYJdWIExJOOVpnN0hwKBgQCy7iod/gAJagOURPhu
-6AievvlIc7XvNnEwvFS0uCqmGzvhdHtFriBFGIYMH5Ea+DDnL9efl529r/TthWzv
-ocz7lWDMlH4Vyzqs+Tt4UHWCu1gDh4UAVga6AS+DbCVzKleseWxKgxjMD96f+7LT
-FRNf7QlGgk0Ei6aQZ+p3gfva7w==
------END PRIVATE KEY-----

selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_certificate.pem

@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwjCCAqqgAwIBAgIBATANBgkqhkiG9w0BAQsFADBLMTowOAYDVQQDDDFUTFNH
-ZW5TZWxmU2lnbmVkUm9vdENBIDIwMjQtMTEtMTRUMTQ6MDc6MTIuMTg2NTg4MQ0w
-CwYDVQQHDAQkJCQkMB4XDTI0MTExNDEzMDcxMloXDTM0MTExMjEzMDcxMlowKDEV
-MBMGA1UEAwwMcHJvZGtleWNsb2FrMQ8wDQYDVQQKDAZzZXJ2ZXIwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB1c4MHWnuqDBZ6VMYyk16W5qVKmoQnm9c
-bjXC5hkmUU7BitYjthT+udt5dtzcbPo0bJf9/YNsfG00EsT/8/rUufU6K3Uor6Dj
-4r8Q1e/rm19KNChe79iJ7VzYu9yh/mVujVkLF51OgcKDFe7eDAGxhhpp9yG9WbWe
-BG8Ueoqh4uIHekFE5+LizbjgDOrYwna8XXhThyJQqnAV+SL4GwkVe38S902Mf78Z
-vnrWfUSuo0ZOigJr+7s2R4/nsvoCC8Ec6cMiJApqJ+9JED9/nLcCPSsdh4exD+cJ
-dWOe7Jd1HyfjcQ5dGF6a8NS+o8JUzI2H6d961Q3hvzD44v4SgbYZAgMBAAGjgdMw
-gdAwCQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw
-LgYDVR0RBCcwJYIMcHJvZGtleWNsb2FrggpXSlI3RDRGSEdYgglsb2NhbGhvc3Qw
-HQYDVR0OBBYEFHAbzqd72oqgHN5VZaJA94OxbVHxMB8GA1UdIwQYMBaAFPsm2Wgu
-4Sjb0Z7Bb48ZuwAJA7VnMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwtc2Vy
-dmVyOjgwMDAvYmFzaWMuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA+GaPVxIP2BUH4
-DUSiuLr3NB04qWFEhTC4dros6ebU0B9q9VwNdns7TsnTf1K0c3MEv7Q9lgBq1sds
-PUP+oOygF/xunjup0a2Z4Dl13YWC8D/gsWMK5Lfhczjk9RFNRnzkysMfajXk5oA8
-i7Ne8Cw+ROzbNfP7b9d2KLYctfxTsUf9r52RFLyhDbDzhaZvpmeyBfq4VIUpi6Sa
-vE+MaDgJzg2FnS3EoSBELcPvy0Vhdqy+DnbCviIdJm8U39Ht4ygFJnSbCV1c7xjv
-64YKSPV7jECeDLhdo2rLNhiiN+5NLJvrC/Mj4919Etngr9oIyfX9TToNVTKtp3JT
-HU3R+2KE
------END CERTIFICATE-----

selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_key.pem

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDB1c4MHWnuqDBZ
-6VMYyk16W5qVKmoQnm9cbjXC5hkmUU7BitYjthT+udt5dtzcbPo0bJf9/YNsfG00
-EsT/8/rUufU6K3Uor6Dj4r8Q1e/rm19KNChe79iJ7VzYu9yh/mVujVkLF51OgcKD
-Fe7eDAGxhhpp9yG9WbWeBG8Ueoqh4uIHekFE5+LizbjgDOrYwna8XXhThyJQqnAV
-+SL4GwkVe38S902Mf78ZvnrWfUSuo0ZOigJr+7s2R4/nsvoCC8Ec6cMiJApqJ+9J
-ED9/nLcCPSsdh4exD+cJdWOe7Jd1HyfjcQ5dGF6a8NS+o8JUzI2H6d961Q3hvzD4
-4v4SgbYZAgMBAAECggEAUQs9gvg7ZfNBgB5bxZY0TdAGMo8Q2ND9m8ZiyRIe+tPt
-G2Qaw8SqQ5TfDIqjrrAL7yZmaGZ6cD4YBLlCUAgpXI9B1qf77N595TpVi8r/bOHC
-NkrXhFZBEe5CL0Zg6gRtUYtc6xPdDEmZ0+g0PvgDLz/0RFD1dO+Qzbhp30SbOTLh
-pZRMkz8KtjnwMKN8HJKsQctMVthnAfU5FW77+xpynovT9qs/zbZCcxGm/FMXc1VI
-Dxmy3yaztGLYD1amON7BdL7rYnfFvEbg+mhrc5tNvFN2KeQCpjdOmeRyuIG8VWJr
-u/P1O4ho1iWA5bhslhw1bbZh8JdR80uSL4q17x4WLwKBgQD6VApTzjW56KVu8RPs
-qup+7hLI81X6IT9naXwUTmfuHPj6ak5xoyKmnTYgA9RWL6em7KkK6o+OVwO0Gxlr
-tBGu2++QQjCNQjhzujgmlglk/oDh5HSys60g+BKkExpyk27rZHuvcduBmLuBvn3g
-Rr/0PzJPH5LzpfxyzH0pFbiHtwKBgQDGOheKeWUUaDOxMi5rrY2+NGHJtzrLkbHn
-9ss7Xb7OCOzZsw+AUnxIxTd9Ysloj9bhG7pRIn8xgofJ7z6m+mTVwF0+GwlhmrZd
-U9U1BOxkzR8q744tO5bGrF5wtGyMydILwJjz1tw9OiEwy58C1Ad5WOZt7Lu9/Rhn
-qQrdHyqQrwKBgHF9SHFWO+VdJCN4CKBznHyPUtTn/UK5cBViLW7HXTcGy5o8N/Qt
-EbiX7cH1+n5YfJmhEcJxNURDDtrIrm215Y5xB9tPJtPkAdP1yR81Rm0TNTs0Z/Pc
-odEgptLcFlF7pf3yQGD6LZpDtD7OLiNP8Ba70AMvPWBZEGq7asMFpfNhAoGAMQ6R
-YuC2Jj2/hTvRBy71ZDwcc0pYT6bn62tFUpTZsq28yAerb2t6fJvqJqq7A5iNajpt
-esTZy4vtRQljbPmM2OV5bfRM9w3N0fz8R9nHEw88hmiwu/sCTnq8CJJuRs1voR7x
-+26SJMjtC+Fooc+NZfedV1j+AX/QeV75ZE3hP9sCgYEAsHtQuviAZ6LKKp3N6wrZ
-NnCvzF4sZhGBp32v07bVba0AN/omG39ab5SRp2G5+rtO7uyisOfonmeoOTQauYOb
-NcnsjJ++ZQ1PKaSV8cxMRdbbAup6XwBps+CXLAGLGhF4LGd0sKVa0aBpmFfmk7Qs
-A4LC20RdtOiu1s5krdmXQvg=
------END PRIVATE KEY-----

selenium/test/oauth/with-basic-auth-idp-down/happy-login.js

@@ -1,32 +1,30 @@
 const { By, Key, until, Builder } = require('selenium-webdriver')
 require('chromedriver')
 const assert = require('assert')
-const { buildDriver, goToHome, captureScreensFor, teardown, idpLoginPage } = require('../../utils')
+const { buildDriver, goToHome, captureScreensFor, teardown, delay } = require('../../utils')
 
 const SSOHomePage = require('../../pageobjects/SSOHomePage')
 const OverviewPage = require('../../pageobjects/OverviewPage')
 
 describe('When basic authentication is enabled but UAA is down', function () {
   let homePage
-  let idpLogin
   let overview
   let captureScreen
 
   before(async function () {
     driver = buildDriver()
     await goToHome(driver)
-    homePage = new SSOHomePage(driver)
+    homePage = new SSOHomePage(driver)    
-    idpLogin = idpLoginPage(driver)
     overview = new OverviewPage(driver)
     captureScreen = captureScreensFor(driver, __filename)
   })
 
   it('can log in with Basic Auth', async function () {
     await homePage.toggleBasicAuthSection()
+    assert.ok(await homePage.isLoginButtonVisible)
     await homePage.basicAuthLogin('guest', 'guest')
-    if (!await overview.isLoaded()) {
+    await overview.isLoaded()
-      throw new Error('Failed to login')
+    assert.equal(await overview.getUser(), 'User guest')
-    }
     await overview.logout()
   })
 

selenium/test/pageobjects/BasePage.js

@@ -1,4 +1,4 @@
-const { By, Key, until, Builder, Select } = require('selenium-webdriver')
+const { By, Key, until, Builder, Select, WebDriverError,  NoSuchSessionError } = require('selenium-webdriver')
 
 const MENU_TABS = By.css('div#menu ul#tabs')
 const USER = By.css('li#logout')
@@ -185,7 +185,9 @@ module.exports = class BasePage {
         'Timed out after [timeout=' + this.timeout + ';polling=' + this.polling + '] seconds locating ' + locator,
         this.polling)
     }catch(error) {
-      console.error("Failed to locate element " + locator)
+      if (!error.name.includes("NoSuchSessionError")) {
+        console.error("Failed waitForLocated " + locator + " due to " + error)
+      }
       throw error
     }
   }
@@ -195,8 +197,10 @@ module.exports = class BasePage {
       return this.driver.wait(until.elementIsVisible(element), this.timeout,
         'Timed out after [timeout=' + this.timeout + ';polling=' + this.polling + '] awaiting till visible ' + element,
         this.polling)
-    }catch(error) {
+    }catch(error) {      
-      console.error("Failed to find visible element " + element)
+      if (!error.name.includes("NoSuchSessionError")) {
+        console.error("Failed to find visible element " + element + " due to " + error)
+      }
       throw error
     }
   }
@@ -207,7 +211,9 @@ module.exports = class BasePage {
     try {
       return this.waitForVisible(await this.waitForLocated(locator))
     }catch(error) {
-      console.error("Failed to waitForDisplayed for locator " + locator)
+      if (!error.name.includes("NoSuchSessionError")) {
+        console.error("Failed to waitForDisplayed " + locator + " due to " + error)
+      }
       throw error
     }
   }

selenium/test/pageobjects/SSOHomePage.js

@@ -87,8 +87,11 @@ module.exports = class SSOHomePage extends BasePage {
 
   async basicAuthLogin (username, password) {
     await this.isLoaded()
+    await this.waitForDisplayed(BASIC_AUTH_LOGIN_USERNAME)
     await this.sendKeys(BASIC_AUTH_LOGIN_USERNAME, username)
+    await this.waitForDisplayed(BASIC_AUTH_LOGIN_PASSWORD)
     await this.sendKeys(BASIC_AUTH_LOGIN_PASSWORD, password)
+    await this.waitForDisplayed(BASIC_AUTH_LOGIN_FORM)
     return this.submit(BASIC_AUTH_LOGIN_FORM)
   }