rabbitmq · MarcialRosales · May 29, 2025 · May 29, 2025 · Jun 18, 2025 · Jun 18, 2025
diff --git a/.github/workflows/test-authnz.yaml b/.github/workflows/test-authnz.yaml
@@ -74,20 +74,22 @@ jobs:
     - name: Run Suites
       id: tests
       run: |        
-        IMAGE_TAG=$(find PACKAGES/rabbitmq-server-generic-unix-*.tar.xz | awk -F 'PACKAGES/rabbitmq-server-generic-unix-|.tar.xz' '{print $2}')
-        CONF_DIR_PREFIX="$(mktemp -d)" RABBITMQ_DOCKER_IMAGE=pivotalrabbitmq/rabbitmq:$IMAGE_TAG \
-         ${SELENIUM_DIR}/run-suites.sh full-suite-authnz-messaging        
-        echo "SELENIUM_ARTIFACTS=$CONF_DIR_PREFIX" >> "$GITHUB_OUTPUT"
-
+        export IMAGE_TAG=$(find PACKAGES/rabbitmq-server-generic-unix-*.tar.xz | awk -F 'PACKAGES/rabbitmq-server-generic-unix-|.tar.xz' '{print $2}')
+        export CONF_DIR_PREFIX="$(mktemp -d)" 
+        export RABBITMQ_DOCKER_IMAGE=pivotalrabbitmq/rabbitmq:$IMAGE_TAG
+        echo "Running selenium tests with "
+        echo " - CONF_DIR_PREFIX: ${CONF_DIR_PREFIX}"
+        echo " - IMAGE_TAG: ${IMAGE_TAG}"
+        echo " - RABBITMQ_DOCKER_IMAGE: ${RABBITMQ_DOCKER_IMAGE}"        
+        echo "SELENIUM_ARTIFACTS=${CONF_DIR_PREFIX}" >> $GITHUB_ENV        
+        ${SELENIUM_DIR}/run-suites.sh full-suite-authnz-messaging 
+
     - name: Upload Test Artifacts
-      if: always()
+      if: ${{ failure() && steps.tests.outcome == 'failure' }}
       uses: actions/[email protected]
-      env: 
-          SELENIUM_ARTIFACTS: ${{ steps.tests.outputs.SELENIUM_ARTIFACTS }}
       with:
         name: test-artifacts-${{ matrix.browser }}-${{ matrix.erlang_version }}        
-        path: |
-           $SELENIUM_ARTIFACTS/*
+        path: ${{ env.SELENIUM_ARTIFACTS }}/*
 
   summary-selenium:
     needs:

diff --git a/.github/workflows/test-management-ui-for-pr.yaml b/.github/workflows/test-management-ui-for-pr.yaml
@@ -62,17 +62,19 @@ jobs:
     - name: Run short UI suites on a standalone rabbitmq server
       id: tests
       run: |
-        IMAGE_TAG=$(find PACKAGES/rabbitmq-server-generic-unix-*.tar.xz | awk -F 'PACKAGES/rabbitmq-server-generic-unix-|.tar.xz' '{print $2}')
-        CONF_DIR_PREFIX="$(mktemp -d)" RABBITMQ_DOCKER_IMAGE=pivotalrabbitmq/rabbitmq:$IMAGE_TAG \
-          ${SELENIUM_DIR}/run-suites.sh short-suite-management-ui        
-        echo "SELENIUM_ARTIFACTS=$CONF_DIR_PREFIX" >> "$GITHUB_OUTPUT"
-
+        export IMAGE_TAG=$(find PACKAGES/rabbitmq-server-generic-unix-*.tar.xz | awk -F 'PACKAGES/rabbitmq-server-generic-unix-|.tar.xz' '{print $2}')
+        export CONF_DIR_PREFIX="$(mktemp -d)" 
+        export RABBITMQ_DOCKER_IMAGE=pivotalrabbitmq/rabbitmq:$IMAGE_TAG
+        echo "Running selenium tests with "
+        echo " - CONF_DIR_PREFIX: ${CONF_DIR_PREFIX}"
+        echo " - IMAGE_TAG: ${IMAGE_TAG}"
+        echo " - RABBITMQ_DOCKER_IMAGE: ${RABBITMQ_DOCKER_IMAGE}"       
+        echo "SELENIUM_ARTIFACTS=${CONF_DIR_PREFIX}" >> $GITHUB_ENV
+        ${SELENIUM_DIR}/run-suites.sh short-suite-management-ui
+
     - name: Upload Test Artifacts
-      if: ${{ failure() && steps.tests.outcome == 'failed' }}
+      if: ${{ failure() && steps.tests.outcome == 'failure' }}
       uses: actions/upload-artifact@v4
-      env: 
-          SELENIUM_ARTIFACTS: ${{ steps.tests.outputs.SELENIUM_ARTIFACTS }}
       with:
         name: test-artifacts-${{ matrix.browser }}-${{ matrix.erlang_version }}
-        path: |
-          $SELENIUM_ARTIFACTS/*
+        path: ${{ env.SELENIUM_ARTIFACTS }}/*
diff --git a/.github/workflows/test-management-ui.yaml b/.github/workflows/test-management-ui.yaml
@@ -66,17 +66,19 @@ jobs:
     - name: Run full UI suite on a 3-node rabbitmq cluster
       id: tests
       run: |
-        IMAGE_TAG=$(find PACKAGES/rabbitmq-server-generic-unix-*.tar.xz | awk -F 'PACKAGES/rabbitmq-server-generic-unix-|.tar.xz' '{print $2}')
-        CONF_DIR_PREFIX="$(mktemp -d)" RABBITMQ_DOCKER_IMAGE=pivotalrabbitmq/rabbitmq:$IMAGE_TAG \
-          ${SELENIUM_DIR}/run-suites.sh full-suite-management-ui
-        echo "SELENIUM_ARTIFACTS=$CONF_DIR_PREFIX" >> "$GITHUB_OUTPUT"
+        export IMAGE_TAG=$(find PACKAGES/rabbitmq-server-generic-unix-*.tar.xz | awk -F 'PACKAGES/rabbitmq-server-generic-unix-|.tar.xz' '{print $2}')
+        export CONF_DIR_PREFIX="$(mktemp -d)"
+        export RABBITMQ_DOCKER_IMAGE=pivotalrabbitmq/rabbitmq:$IMAGE_TAG
+        echo "Running selenium tests with "
+        echo " - CONF_DIR_PREFIX: ${CONF_DIR_PREFIX}"
+        echo " - IMAGE_TAG: ${IMAGE_TAG}"
+        echo " - RABBITMQ_DOCKER_IMAGE: ${RABBITMQ_DOCKER_IMAGE}"       
+        echo "SELENIUM_ARTIFACTS=${CONF_DIR_PREFIX}" >> $GITHUB_ENV
+        ${SELENIUM_DIR}/run-suites.sh full-suite-management-ui        
 
     - name: Upload Test Artifacts
-      if: ${{ failure() && steps.tests.outcome == 'failed' }}
+      if: ${{ failure() && steps.tests.outcome == 'failure' }}
       uses: actions/[email protected]
-      env: 
-          SELENIUM_ARTIFACTS: ${{ steps.run-suites.outputs.SELENIUM_ARTIFACTS }}
       with:
         name: test-artifacts-${{ matrix.browser }}-${{ matrix.erlang_version }}
-        path: |
-          $SELENIUM_ARTIFACTS/*
+        path: ${{ env.SELENIUM_ARTIFACTS }}/*
diff --git a/deps/oauth2_client/include/oauth2_client.hrl b/deps/oauth2_client/include/oauth2_client.hrl
@@ -27,6 +27,7 @@
 -define(REQUEST_CLIENT_SECRET, "client_secret").
 -define(REQUEST_SCOPE, "scope").
 -define(REQUEST_REFRESH_TOKEN, "refresh_token").
+-define(REQUEST_TOKEN, "token").
 
 % define access token response constants
 -define(BEARER_TOKEN_TYPE, <<"Bearer">>).
@@ -43,5 +44,6 @@
 -define(RESPONSE_TOKEN_ENDPOINT, <<"token_endpoint">>).
 -define(RESPONSE_AUTHORIZATION_ENDPOINT, <<"authorization_endpoint">>).
 -define(RESPONSE_END_SESSION_ENDPOINT, <<"end_session_endpoint">>).
+-define(RESPONSE_INTROSPECTION_ENDPOINT, <<"introspection_endpoint">>).
 -define(RESPONSE_JWKS_URI, <<"jwks_uri">>).
 -define(RESPONSE_TLS_OPTIONS, <<"ssl_options">>).
diff --git a/deps/oauth2_client/include/types.hrl b/deps/oauth2_client/include/types.hrl
@@ -16,7 +16,8 @@
     token_endpoint :: option(uri_string:uri_string()),
     authorization_endpoint :: option(uri_string:uri_string()),
     end_session_endpoint :: option(uri_string:uri_string()),
-    jwks_uri :: option(uri_string:uri_string())
+    jwks_uri :: option(uri_string:uri_string()),
+    introspection_endpoint :: option(uri_string:uri_string())
 }).
 -type openid_configuration() :: #openid_configuration{}.
 
@@ -28,6 +29,10 @@
     authorization_endpoint :: option(uri_string:uri_string()),
     end_session_endpoint :: option(uri_string:uri_string()),
     jwks_uri :: option(uri_string:uri_string()),
+    introspection_endpoint :: option(uri_string:uri_string()),
+    introspection_client_id :: binary() | undefined,
+    introspection_client_secret :: binary() | undefined,
+    introspection_client_auth_method :: basic | request_param | undefined,
     ssl_options :: option(list())
 }).
 
@@ -73,3 +78,27 @@
 }).
 
 -type refresh_token_request() :: #refresh_token_request{}.
+
+-record(introspect_token_request, {
+  endpoint :: option(uri_string:uri_string()),
+  client_id :: binary() | undefined,
+  client_secret :: binary() | undefined,
+  client_auth_method :: basic | request_param | undefined,
+  ssl_options :: option(list())
+}).
+
+-type introspect_token_request() :: #introspect_token_request{}.
+
+-record(unsuccessful_introspect_token_response, {
+    error :: binary() | string() | number(),
+    error_description :: binary() | string() | undefined
+}).
+
+-type unsuccessful_introspect_token_response() :: #unsuccessful_introspect_token_response{}.
+
+-record(signing_key, {
+    id :: string(),
+    type :: hs256 | rs256,
+    key :: option(#{binary() => binary()})
+}).
+-type signing_key() :: #signing_key{}.