Configure oauth2 client for mgt ui

so that it is possible to test with
clients configured with opaque tokens
and others with jwt tokens

Author: MarcialRosales

deps/rabbitmq_auth_backend_oauth2/src/rabbit_auth_backend_oauth2.erl

@@ -154,7 +154,15 @@ authenticate(_, AuthProps0) ->
     Token0     = token_from_context(AuthProps),
     TokenResult = case uaa_jwt_jwt:is_jwt_token(Token0) of 
         true -> {ok, Token0};
-        false -> oauth2_client:introspect_token(Token0)
+        false -> 
+            case oauth2_client:introspect_token(Token0) of
+                {ok, Tk1} -> 
+                    rabbit_log:debug("Successfully introspected token : ~p", [Tk1]),
+                    {ok, Tk1};
+                {error, Err1} -> 
+                    rabbit_log:error("Failed to introspected token due to ~p", [Err1]),
+                    {error, Err1}
+            end
     end,
     case TokenResult of 
         {ok, Token} ->

selenium/test/oauth/env.keycloak

@@ -1,3 +1,4 @@
 export OAUTH_SERVER_CONFIG_DIR=${OAUTH_SERVER_CONFIG_BASEDIR}/oauth/keycloak
 export OAUTH_SIGNING_KEY_ID=Gnl2ZlbRh3rAr6Wymc988_5cY7T5GuePd5dpJlXDJUk
 export OAUTH_SCOPES="openid profile rabbitmq.tag:management"
+export OAUTH_CLIENT_ID=rabbitmq_client_code

selenium/test/oauth/env.spring

@@ -1,2 +1,3 @@
 export OAUTH_SERVER_CONFIG_DIR=${OAUTH_SERVER_CONFIG_BASEDIR}/oauth/spring
 export OAUTH_SCOPES="openid profile rabbitmq.tag:management"
+export OAUTH_CLIENT_ID=rabbitmq_client_code

selenium/test/oauth/env.spring.opaque-token

@@ -0,0 +1 @@
+export OAUTH_CLIENT_ID=rabbitmq_client_code_opaque

selenium/test/oauth/rabbitmq.conf

@@ -4,7 +4,7 @@ log.console.level = debug
 
 management.login_session_timeout = 1
 management.oauth_enabled = true
-management.oauth_client_id = rabbitmq_client_code
+management.oauth_client_id = ${OAUTH_CLIENT_ID}
 management.oauth_scopes = ${OAUTH_SCOPES}
 management.cors.allow_origins.1 = *
 

selenium/test/oauth/rabbitmq.opaque-token.conf

@@ -1,4 +1,4 @@
 auth_oauth2.access_token_format = opaque
 auth_oauth2.introspection_client_auth_method = basic
-auth_oauth2.introspection_client_id = rabbitmq_client_code_opaque
-auth_oauth2.introspection_client_secret = rabbitmq_client_code_opaque
+auth_oauth2.introspection_client_id = introspection_client
+auth_oauth2.introspection_client_secret = introspection_client

selenium/test/oauth/spring/application.yml

@@ -38,6 +38,22 @@ spring:
               client-authentication-methods:
                 - client_secret_basic              
               client-name: introspection_client            
+          mgt_api_client_opaque:
+            registration:
+              provider: spring
+              client-id: mgt_api_client_opaque
+              client-secret: "{noop}mgt_api_client_opaque"
+              authorization-grant-types: 
+                - client_credentials
+              client-authentication-methods:
+                - client_secret_basic
+              scopes: 
+                - openid
+                - profile
+                - rabbitmq.tag:management
+              client-name: mgt_api_client_opaque
+            token:
+              access-token-format: reference
           mgt_api_client:
             registration:
               provider: spring
@@ -51,9 +67,8 @@ spring:
                 - openid
                 - profile
                 - rabbitmq.tag:management
-              client-name: mgt_api_client
-            token:
-              access-token-format: reference
+                - rabbitmq.tag:administrator
+              client-name: mgt_api_client            
           rabbitmq_client_code_opaque:
             registration:
               provider: spring